500 error: "forbidden access" on /api/upload

I am trying to upload a file to the /api/upload endpoint. I am authenticating, but I am getting a 500 error: forbidden access. I am attempting with Python and with cURL. I am thinking I have my privileges misconfigured? The service account uploading this file has editor and reader permissions set. I can share my code if you would like but I think it is an admin issue.

[2022-02-06 19:36:50.948] error: Forbidden access
ForbiddenError: Forbidden access
    at Object.verify (/srv/strapi-azure/node_modules/@strapi/plugin-users-permissions/server/strategies/users-permissions.js:89:13)
System Information
  • Strapi Version: 4.0.7
  • Operating System:
  • Database:
  • Node Version:
  • NPM Version:
  • Yarn Version:


Not sure if this helps but you will get ‘forbidden’ when your Authorization Bearer token is missing or malformed in the header of your POST request. Otherwise, the generic error 500 is typically thrown when the server hits an unexpected condition.

This is how I form the headers:
headers = {
    'Authorization': f"Bearer {jwt}",
}

I know I am getting the jwt successfully. I can also verify this because I also wrote code to publish a new “Product” object and I was able to create an object. The trouble is with upload.

Let me share my code:

# argv list without shell=True: curl receives each argument verbatim, so no inner quotes; -F makes curl set the multipart Content-Type and boundary itself
subprocess.run(["curl", "-H", f"Authorization: Bearer {jwt}", "-X", "POST", "http://<my strapi server id address>:1337/api/upload", "-F", "file=@/path/to/my/file/Afilename.stl"], check=True)

Here is another way I tried it:

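import os
import requests

# strapi_server_url and jwt are set earlier in the script
url = f"{strapi_server_url}/api/upload"
headers = {'Authorization': f"Bearer {jwt}"}
filename = "filename.stl"
payload = {'submit': "Submit"}
# Open the file in a context manager so the handle is closed after the request
with open(os.path.join(os.getcwd(), filename), 'rb') as file:
    response = requests.post(url, files={'file': (filename, file)}, data=payload, headers=headers)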
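
The reply earlier in the thread says 'forbidden' comes back when the Authorization Bearer token is missing or malformed. As an added example (not code from any poster here), this pre-flight check inspects a header value locally for those cases before a request is sent; `check_bearer_header`, `sample_token` and the sample claims are hypothetical names and constructed values, and the signature is not verified.

```python
import base64
import json
import re
import time

SEG = r"[A-Za-z0-9_-]+"  # one base64url segment
BEARER_RE = re.compile(rf"Bearer ({SEG})\.({SEG})\.({SEG})")


def _decode(segment):
    """Decode one base64url JWT segment (padding restored) to a Python object."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))


def check_bearer_header(value, now=None):
    """Return a list of problems found in an Authorization header value.

    Checks shape and expiry only; the signature is not verified (the server
    does that). An empty list means nothing was found.
    """
    if not value:
        return ["header missing or empty"]
    if value != value.strip() or value[0] in "'\"" or value[-1] in "'\"":
        return ["stray quotes or whitespace around the header value"]
    match = BEARER_RE.fullmatch(value)
    if match is None:
        return ["not of the form 'Bearer <header>.<payload>.<signature>'"]
    try:
        header, claims = _decode(match.group(1)), _decode(match.group(2))
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return ["token segments are not base64url-encoded JSON"]
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return ["token header or payload is not a JSON object"]
    problems = []
    if "alg" not in header:
        problems.append("token header has no 'alg'")
    exp = claims.get("exp")
    if isinstance(exp, (int, float)) and exp <= (time.time() if now is None else now):
        problems.append("token expired")
    return problems


def sample_token(exp):
    """Constructed, unsigned sample token (placeholder signature) for the demo."""
    def seg(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    parts = [seg({"alg": "HS256", "typ": "JWT"}), seg({"id": 1, "exp": exp}), "c2lnbmF0dXJl"]
    return ".".join(parts)
```

An empty result only means the header is well formed and unexpired; the server still decides whether the token's role may call the endpoint.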