Auth tokens not working for app viewers

  • Goal: App viewers to see data which is fetched from an authenticated API

  • Steps: Setting the api key in various ways for the resource, and queries. Publishing the app.

  • Details: Data is visible to editors who are able to access the Edit page and click the 'Re-auth' button. Viewers don't get any data and the network console shows the queries are receiving 401 responses.

1 Like

In the Retool Audit Log, I can see the same query being run for my editor account, and for my viewer account and one received a 200 and the other receives the 401

hey @Michael_Stone are you using Retool user attributes for the API key? or how are you assigning them to editor accounts?

Hey @Michael_Stone!

Just another question - did you authenticate the API using OAuth?

hey @trz-justin-dev, we're setting the API key with a header attribute on the API Resource

and do the users/user-groups have permission to use the API resource?

Settings > Permissions > External Users > Resources > check "Use"

1 Like

Hey @Michael_Stone! I agree with @trz-justin-dev - it sounds like there might be something wonky with the permissions settings for that specific resource. I'd start by looking there!