1

I have a question related to the appwrite functions, I made one function following the example in the tutorial.I deployed the function and running in the appwrite console works just fine. But I did a web app to test the function, installed the sdk and called the function... but always shows a message with the 401 code, saying the guest user doesnt have write permitions. I return to the appwrite panel and checked all the permissions for the function, but still showing that error code with the same write permission problem for the guest user.

The error returned:

{message: "User (role: guest) missing scope (execution.write)", code: 401,…}
code: 401
message: "User (role: guest) missing scope (execution.write)"
type: "general_unauthorized_scope"
version: "0.13.4

I looked in the example in the docs and I didn't found the place where I can indicate a user for the function call in the SDK.

I'm stuck in this problem for 5 days, someone know how to solve or can give me some direction?

Appwrite version 0.13.4 running at a digital ocean server.

Gabriela Mendes
  • 191
  • 1
  • 4
  • 14

5 Answers5

5

Ahoi there~

What you're missing is either an active session through logging in:

const sdk = new Appwrite();

sdk
    .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint
    .setProject('5df5acd0d48c2') // Your project ID
;

let promise = sdk.account.createSession('email@example.com', 'password');

promise.then(function (response) {
    console.log(response); // Success
}, function (error) {
    console.log(error); // Failure
});

Or you can go to the "Settings" tab of your function and change the execution permission to include "role:guest".

I discourage the use of the second option for obvious security reasons (everyone can execute your function).

Cheers,

Vincent

Vincent Ge
  • 111
  • 3
  • Hello Vicent, The first suggestion works, with the createSession method. The unsafe suggestion doesn't, I set the role to role:guest and the 401 error with the same message still happening. But I'll use the first solution. Thanks! – Gabriela Mendes May 12 '22 at 01:02
  • 1
    That... sounds like a bug! I'll go file this as an issue, but regardless, having a session is recommended anyway. For security reasons :D – Vincent Ge May 18 '22 at 18:52
  • I believe this is the intended behavior. No unauthenticated writing to the database ever, meaning you need a session. It should work fine if you authenticate your user with account.createAnonymousSession(). https://appwrite.io/docs/client/account?sdk=web-default#accountCreateAnonymousSession – jparg Sep 13 '22 at 12:22
  • You're right. That is the behavior. No writes unless there is an active session :) – Vincent Ge Sep 27 '22 at 19:39
0

had the same problem a few weeks ago. Appwrite does not log you in or generate any session token for your appwrite functions. It just executes them like any other program. Therefor, you have to authenticate yourself first. You can do that by logging in (like Vincent Ge answered) or by using an api token. The later gives you the option to give the function exactly the permission it needs to do its job. Later on you can pass the api key via environment variables to your function.

To get started just head over to api-keys on the appwrite dashboard and click on "add api-key". Toggle the settings your function needs and generate the api key. Save the key and head over to your function. You can set up environment variables for your function at the bottom of your function-settings. Set up the api key for example as the key APPWRITE_FUNCTION_API_KEY with your function key as the value.

Now access the key in your function code and use client.setKey to use the key for each call to appwrite.

Cheers, Nico

Nicolas Klein
  • 18
  • 3
0

Project ID is required, in header add X-Appwrite-Project

Postman

Juan Carlos Ajahuana Quispe
  • 41
  • 1
  • 4
0

Go to Settings > API Keys,

  • If you don't have any api key then create one with persmissions you need
  • If you have already an api key then you can give that api key those permissions you need
Musa Atalay
  • 1
  • 3
-1

You need to have an active session in order to be able to execute the function, are you logged in?

Eng Mghase
  • 524
  • 6
  • 14