View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0027349||mantisbt||api rest||public||2020-09-25 08:16||2020-10-17 12:57|
|Status||closed||Resolution||no change required|
|Summary||0027349: Cannot disable anonymous API access|
I want to use API and to secure it by using tokens.
I dont have an anonymous user and my projects are private.
My problem is that me api is public and anyone can use it with out token.
How can i configure Mantis to always use token for the REST API?
|Tags||No tags attached.|
Did you read https://mantisbt.org/docs/master/en-US/Admin_Guide/html-desktop/#admin.config.api ?
After the changes int he config i have another issue.
The solution that worked for me when i get error 401 on the api is to add the following to the .htaccess in the /api/rest directory:
Thanks for the feedback and glad to hear you found a solution to your problem.
This works just fine for me without altering .htaccess, so it would be interesting to know, why your server is dropping the Authorization header.
I couldn't find out ...I thought it was the php-fpm module but it is not enabled.....Since it is shared hosting i think that i will never be able to know why :)
OK, in that case I'll close this as no change required since the problem seems to be specific to your environment.
|2020-09-25 08:16||e4rthdog||New Issue|
|2020-09-25 09:11||dregad||Status||new => feedback|
|2020-09-25 09:11||dregad||Note Added: 0064483|
|2020-09-25 10:01||e4rthdog||Note Added: 0064484|
|2020-09-25 10:01||e4rthdog||Status||feedback => new|
|2020-09-25 10:01||e4rthdog||Note Edited: 0064484||View Revisions|
|2020-09-25 10:02||e4rthdog||Note Edited: 0064484||View Revisions|
|2020-09-25 10:03||e4rthdog||Note Edited: 0064484||View Revisions|
|2020-09-26 00:51||e4rthdog||Note Added: 0064486|
|2020-09-26 06:11||dregad||Status||new => feedback|
|2020-09-26 06:11||dregad||Note Added: 0064487|
|2020-09-26 06:24||e4rthdog||Note Added: 0064488|
|2020-09-26 06:24||e4rthdog||Status||feedback => new|
|2020-09-26 06:38||dregad||Assigned To||=> dregad|
|2020-09-26 06:38||dregad||Status||new => resolved|
|2020-09-26 06:38||dregad||Resolution||open => no change required|
|2020-09-26 06:38||dregad||Note Added: 0064489|
|2020-10-17 12:57||atrol||Status||resolved => closed|