Skip to content

[Bug]: deleteUser Request is missing API Key #35

Description

@romulus-ai

What happened?

I get an 403 Exception everytime I want to delete a User via API. Creating and Updating works fine.

Problem is here:


this is missed:
security:

  • app_key: []

Here the app_key will not be used when trying to delete the user. I will create a PR.

Steps to reproduce?

1. Create a User via API, OpenAPI Object should have defined an "app_key"
2. Try to delete it via deleteUser(...) function (neither via external_id nor onesignal_id it will work)

What did you expect to happen?

User should be deleted

Relevant log output

Message: 
HTTP response code: 403
HTTP response body: {"errors": ["Access denied.  Please include an 'Authorization: ...' header with a valid API key (https://documentation.onesignal.com/docs/accounts-and-keys)."]}

HTTP response headers: {access-control-allow-headers=[OneSignal-Subscription-Id], alt-svc=[h3=":443"; ma=86400], cf-cache-status=[DYNAMIC], cf-ray=[8e1fbc9edf0ed399-FRA], content-type=[text/plain], date=[Wed, 13 Nov 2024 15:18:51 GMT], server=[cloudflare], set-cookie=[__cf_bm=MGjCrFcok.9q0MuLQnDT7KBABDhv11Wmt6JEk7pVK1M-1731511131-1.0.1.1-Fg_mW_7B.ZtHBrqxjVgaeLEan2tj2ZZjU4vQCMdtbLfH5HjSEky5QB2FwdjlddpY21GvKZMA3l9_qONAt_ETBw; path=/; expires=Wed, 13-Nov-24 15:48:51 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None], strict-transport-security=[max-age=15552000; includeSubDomains], via=[1.1 google]}
com.onesignal.client.ApiException: Message: 
HTTP response code: 403
HTTP response body: {"errors": ["Access denied.  Please include an 'Authorization: ...' header with a valid API key (https://documentation.onesignal.com/docs/accounts-and-keys)."]}

HTTP response headers: {access-control-allow-headers=[OneSignal-Subscription-Id], alt-svc=[h3=":443"; ma=86400], cf-cache-status=[DYNAMIC], cf-ray=[8e1fbc9edf0ed399-FRA], content-type=[text/plain], date=[Wed, 13 Nov 2024 15:18:51 GMT], server=[cloudflare], set-cookie=[__cf_bm=MGjCrFcok.9q0MuLQnDT7KBABDhv11Wmt6JEk7pVK1M-1731511131-1.0.1.1-Fg_mW_7B.ZtHBrqxjVgaeLEan2tj2ZZjU4vQCMdtbLfH5HjSEky5QB2FwdjlddpY21GvKZMA3l9_qONAt_ETBw; path=/; expires=Wed, 13-Nov-24 15:48:51 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None], strict-transport-security=[max-age=15552000; includeSubDomains], via=[1.1 google]}
	at app//com.onesignal.client.ApiClient.handleResponse(ApiClient.java:1081)
	at app//com.onesignal.client.ApiClient.execute(ApiClient.java:994)
	at app//com.onesignal.client.ApiClient.execute(ApiClient.java:977)
	at app//com.onesignal.client.api.DefaultApi.deleteUserWithHttpInfo(DefaultApi.java:2074)
	at app//com.onesignal.client.api.DefaultApi.deleteUser(DefaultApi.java:2052)

Code of Conduct

  • I agree to follow this project's Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions