I’ve encountered a problem with the invite feature. I would like to create a stream on our site and add people to it later. I’m using graphql for this, and it creates the stream without any issues, but every time I try to add someone, I get a message that I don’t have the necessary permissions.
We’ll need some more context to understand what’s going on. Are you self-hosting or running these against Speckle on the cloud? If you’re self-hosting - what speckle server version is it and have you made any modifications to it yourself? Also - can you please post the actual error response body? And how did you create SPECKLE_MAIN_KEY - is it a personal access token? What kind of scopes did you give it access to?
Judging by the screenshot I can already see a problem, however - you’re passing in your token in the Authorization header without the ‘Bearer’ prefix (I presume). The header value has to be Bearer {TOKEN} not just {TOKEN}
The header is accepted without any issues elsewhere using this method, for example, fetching data, creating and deleting streams.
In this case, for example, it works flawlessly:
@Gircsi117 My screenshot is not an example of a GQL query, but the definition of our GQL schema. It shows that you need the “users:invite” scope for your token to be able to invoke the streamInviteCreate mutation.
Judging by the screenshot you posted in your previous reply, your token does not have such a scope. After consulting with the team, I’ve come to understand that the “users:invite” scope is allowed for first party apps only to discourage people from programmatically spamming invite creation.