Forum Discussion

fengka's avatar
fengka
Contributor
9 years ago

How to grant writable permission to lithium via REST API?

I am currently developing a customized mobile App to read/write our company’s forum which is based on lithium platform by using the REST API. I have a consumer key/secret to lithium platform. I followed the OAuth 2.0 authorization grant flow (http://community.lithium.com/t5/Community-API-v2/OAuth-2-0-authorization-grant-flow/ta-p/138402 ) in wiki to get the authentication Bearer token. I can use this Bearer token to read data via V2 REST API.

 

However, if I try to write data back to the forum by REST API, like give a kudo to a post by calling REST API:

 

POST https://api.lithium.com/community/v1/[tanent name]/messages/id/[messageid]/kudos/give

Authentication: Bearer vuVDPEkI+XLytr7hMGo0RkwucYF8belsX2XjI1qu+zM=

client-id: xxxxxxxxxxxxxx(a valid client id)

 

I always get the error like this:

 

  <error code="303">

    <message>

      User xxxxx does not have the following permission(s) at 78: [ allow_restapi_call_read ]

    </message>

  </error>

 

One solution to solve this is our forum administrator grant my forum account writable permission then the API call to give a kudo will be successful.

 

So the questions are:

 

  1. how can we grant all our forum user the permission to write back to the forum by using RESTful API with our App?
  2. Should the administrator grant all the user the writable permission one by one or in batch?
  3. Or can we request a new consumer key/secret to enable the writable permission to the lithium via REST API?
  4. Or what is the best practice to write back to lithium via REST API?

 

Thanks.

    • fengka's avatar
      fengka
      Contributor
      9 years ago

       Hi TariqHussain,

       

      Thanks for your reply. What id Restadmin() ?  do I need to use any sdk to use this? Can we use the general Rest Client or Curl to call the REST API? Something like this:

       

      curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer vuVDPEkI+XLytr7hMGo0RkwucYF8belsX2XjI1qu+zM=“ -H "client-id: xxxxxxxxxxxxx" https://api.lithium.com/community/v1/[tanent name]/messages/id/[messageid]/kudos/give

       

      Actually, I am using javascript fetch api for the REST : https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch

      How can I make the restadmin() in this scenario?

      • TariqHussain's avatar
        TariqHussain
        Boss
        9 years ago

        fengka

        are you familiar with endpoints ? you need to create an endpoint and you will get endpoint url. with javascript you can directly hit your request to endpoint url.

        <#assign msgID = http.request.parameters.name.get("messageid","") />

  <#if msgID !=''>

    <#assign messages = restadmin("messages/id/${msgID}/kudos/give").messages >
     
  </#if >