问题
I am getting 400 bad request error while calling "/api/get_roster" endpoint of ejabberd. I had kept "get_roster" in the scope while requesting the oauth token.
400 bad request error in ejabberd
I guess there is some issue with the permissions. Here is my configuration file:
https://www.dropbox.com/s/his89bx39qhvr1h/ejabberd2.yml?dl=0
I have tried to follow the official documentation. As per the API permission guide, I have also tried adding following properties:
api_permissions:
- "Admin access":
- who:
- admin
- what
- "\*"
- "!stop"
But there was no change. I have following questions:
- What am I doing wrong here?
- What are possible scopes?
回答1:
Your request should contain Authorization header as below:
curl -v -X POST -H "Authorization: Bearer <Oauth_token>" http://localhost:5280/api/get_roster -d '[]'
回答2:
You can refer to this link for more details. If you are accessing as admin you can use commands_admin_access rule to provide access to api commands and specify the commands you want to access as follows:
commands:
- add_commands:
- get_roster
commands_admin_access: configure
回答3:
You are using very old version of Ejabberd. Latest is 17.04 which has lots of changes in API permission framework from 16.01 . api_permission related configuration came in 16.12 version. Please refer this for more detail.
来源:https://stackoverflow.com/questions/43350010/400-bad-request-error-while-calling-ejabberd-api