Set up API End User Permissions to Make REST Queries in Strapi

Daniel Phiri
InstructorDaniel Phiri
Share this video with your friends

Social Share Links

Send Tweet
Published a year ago
Updated a year ago

We have a problem right now in that if you were to try and fetch these posts from the API, you would get a 403 error. And that's because we haven't set up the end user permissions for the API to be able to access this content. So let's go ahead and do that now.

We'll modify the User permissions for the Post role and give public access to find and findOne.

Instructor: [0:00] We want to be able to access the content that we added into our CMS via the API. In our browser, when we make a request to localhost:1337/api/posts and check our network, we get an error message saying, "Forbidden."

[0:19] To grant users access to the content via the API, we need to adjust our user permissions inside of Strapi. We'll go to Settings, and under Users & Permissions plugin, we'll click Roles, we'll click Public, and look for our post collection type. We'll click find and findOne to give users get access to posts for all posts and individual posts.

[0:45] We'll click Save and go back to our browser tab and refresh. When we check the response, we have the data that we just entered, entitled, "Accept Branch-out California Protocol to Genie." That is how you set up API end-user permissions in Strapi.

egghead
egghead
~ 46 seconds ago

Member comments are a way for members to communicate, interact, and ask questions about a lesson.

The instructor or someone from the community might respond to your question Here are a few basic guidelines to commenting on egghead.io

Be on-Topic

Comments are for discussing a lesson. If you're having a general issue with the website functionality, please contact us at support@egghead.io.

Avoid meta-discussion

  • This was great!
  • This was horrible!
  • I didn't like this because it didn't match my skill level.
  • +1 It will likely be deleted as spam.

Code Problems?

Should be accompanied by code! Codesandbox or Stackblitz provide a way to share code and discuss it in context

Details and Context

Vague question? Vague answer. Any details and context you can provide will lure more interesting answers!

Markdown supported.
Become a member to join the discussionEnroll Today