Set url_icon results in Error 303
I'm trying to set the avatar url by posting to /restapi/vc/users/login/<name>/profiles/name/url_icon/set however the response it returns has an error code of 303. The body of the post value=h...
Forum Discussion
Hey jbrown,
The 303 error message indicates that the user making the API call does not have permission to modify the profile image. Unless you're an admin, a user can only change their own icon.
Are you using an admin account to try to update the url_icon using the API?
Thank you,
Yuri
Currently we're trying to update a users icon with their own account. I'll double check our permissions. If that doesn't work I'll just use an admin account.
Thanks.
You may not have allowed regular users to make REST write calls. The permissions system separates read and write REST operations.
As xorrkaz said, the user you are making the REST call as might not have permission to make REST API write calls. Here are some permissions you want to look at:
- "Choose an avatar" (under the "User Profiles" section) if you want to give users the ability to choose an avatar
- "Use an externally hosted avatar image" (under the "User Profiles" section): if you want users to be able to use external images for their avatars (be careful when turning this on, this decreases the security of your site by making you more open to XSS attacks)
- "Manage users" (under "User Management") if you want to give users the ability to set other user's avatars.
- "Make REST API calls with modify access" (under "REST API") to give users the ability to make REST calls that modify data -- you need this if you want to make the REST call to set an avatar.
At the very least, you need the "Choose an avatar" and "Make REST API calls with modify access" permissions turned on.
