Invoking Endpoints via Swagger
First attempt (Error 403)
To invoke an endpoint via Swagger, click the Authorize button as shown in the image below and complete the authentication process.
It will appear the following modal:
Use client_id dev and press on the Authorize button.
Then you will be redirected on a keycloak login page as shown in the screenshot below. You will be able to login with differents user already set. One of the available users you can use is:
- Username: bob
- Password: 123
More credentials are available in the Keycloak set up earlier during the SOKit Initializer setup.
You are now logged in as shown by the button
If you now try to invoke an endpoint, for example, a review operation (that is an officier operation), you will receive a 403 Forbidden error.
This occurs because the user bob does not have the required permission to access this endpoint.
Therefore, to invoke the search endpoint, the user must have the role: officier.
Since bob lacks this role, access is denied.
