Invalid Credentials for authenticated users via API usage

Bryce_Wilson · June 18, 2021, 9:28am

System Information

Strapi Version: 3.6.x
Operating System: Linux/MacOS
Database: Postrgresql
Node Version: 14.5.x
NPM Version: 6.14.x
Yarn Version: 1.22.x

Hi all,

I am having issues trying to retrieve content from my Strapi CMS via the the api.

Initially it all seemed to work fine but anyone other than the initials user (generating the ID of ‘1’) cannot access the API and gets a response of:

{“statusCode”:403,“error”:“Forbidden”,“message”:“Invalid credentials”}

I am passing in the JWT token retrieved from the successful login:

Authorization: Bearer XXXXXXX

I have set up my user-permissions to allow access to the role of ‘authenticated’ and the users have the role of ‘authenticated’.

I really appreciate any help regarding this.

q4Zar · June 18, 2021, 10:03am

It’s because you aren’t creating users from the good place, you need to go to Parameters/AdminPanel/Users and not just add an entry to the Users collections.

Hope it works for you !

Bryce_Wilson · June 18, 2021, 10:05am

Thank you for the the quick reply - I am looking to create users for the front end of the application and not Strapi Admin users? This is using the “registration” and “login” functions from the docs.

Khoa_Nguyen · June 20, 2021, 8:26am

If you accidentally set the same JWT secrets for both admin and user, this a good reference to fix it: JWT authentication - HTTP 403 - Invalid credentials - `strapi develop` · Issue #14 · strapi/documentation · GitHub

Bryce_Wilson · June 20, 2021, 8:41am

This sounds absolutely spot on, I’ll give it a try and report back - thanks a million for responding!

Bryce_Wilson · June 21, 2021, 6:22pm

Thank you so much for helping resolve this issue; massive kudos to you