We are trying to use the APIs with the generated User Token and POSTs return a {“errors”:[{“msg”:“Insufficient privileges”}]} when the account is admin
This issue only happens when using the generated User Token. Authentication with the same user’s UN/PW works. We tried in another instance on 5.6.5 and it works. Any clue?
6.7.5 brought some consistency around permissions where even a user with “Administer System” permissions on an instance must also explicitly have administration rights on a project to perform actions on them.
Apologies for not seeing the part of your opening post where you mentioned UN/PW credentials of the user worked fine. So not a permissions issue.
As noted in our Web API Docs, the token should go where you would expect the username to in a basic auth (un:pw) situation. Is this what you’re doing in your web API call?
If you have a look at the link that @Colin has provided you, you could see the following important comment about the usage of user token :
curl -u THIS_IS_MY_TOKEN: https://sonarqube.com/api/user_tokens/search # note that the colon after the token is required in curl to set an empty password