I’m following the GraphQL guide here and have successfully generated a JWT for my super admin user. I’ve included that token in the “Http Headers” panel as { "Authorization": "Bearer <jwt>" }. However, I’m not able to perform any queries aside from { me }. Requesting, say, { restaurants } returns a 403 Forbidden error.
Have I missed a step somewhere in configuring permissions? Otherwise, Strapi looks very impressive!
I applied the same permissions to the Editor role and gave that role to my user as well. I’m still getting Forbidden errors. As far as I know, I’ve followed the Strapi tutorials verbatim. Any other insight as to what I could be missing?
Oh my gosh… yes, having two “Roles” in that menu bar is very confusing. That worked though, thank you! I was pulling my hair out because the roles and permissions system seemed otherwise quite intuitive.