Shippable / support

Shippable SaaS customers can report issues and feature requests in this repository

Builds API broken - "access denied to route: /accounts/:accountId/runStatus" #5068

Open HariSekhon opened 4 years ago

HariSekhon commented 4 years ago

The Shippable API is broken for both the accounts and builds endpoints, but works with the same account id and token for the projects endpoint, implying that my account id and token auth are not the problem.

The errors I get for both the builds and account endpoints are:

"access denied to route: /accounts/:accountId/runStatus"
"access denied to route: /accounts"

I use a script in my GitHub for calling the builds API which hasn't changed, which makes me think that it's something on the authz end that might have changed on Shippable's end (I did check http://status.shippable.com/ but everything is reported as operational there):

$ curl -sSH 'Accept: application/json' -H "Authorization: apiToken $SHIPPABLE_TOKEN" https://api.shippable.com/accounts/5672edc90ea38f0d00b020cb/runStatus
{"logType":"warn","methodName":"/accounts/:accountId/runStatus|GET|validateAccount|_computeShim","id":2000,"message":"access denied to route: /accounts/:accountId/runStatus"}

but the projects API endpoint works with the same token and account ID:

$ curl -sSH 'Accept: application/json' -H "Authorization: apiToken $SHIPPABLE_TOKEN" 'https://api.shippable.com/projects/?sortBy=createdAt&sortOrder=-1&ownerAccountIds=5672edc90ea38f0d00b020cb'
5e52c63645c70f0007ff5152        HariSekhon      pylib
5e52c636d79b7d00077bf5f5        HariSekhon      Nagios-Plugins
5e52c63620adbf000670adf6        HariSekhon      Nagios-Plugin-Kafka
5e52c63645c70f0007ff514e        HariSekhon      lib-java
5e52c6364c324200063326d5        HariSekhon      lib
5e52c635b15ffc00071d8f7a        HariSekhon      HAProxy-configs
5e52c6344c324200063326d1        HariSekhon      Dockerfiles
5e52c63445c70f0007ff5144        HariSekhon      DevOps-Python-tools
5e52c6341b064c0007d02b0c        HariSekhon      DevOps-Perl-tools
5e52c634d79b7d00077bf5ed        HariSekhon      DevOps-Bash-tools

The accounts API endpoint has always been broken for me, I raised the issue on the website but realize it's probably better tracked here too (can fork this to a new ticket if needed, but not sure if this is really the same underlying problem):

$ curl -sSH 'Accept: application/json' -H "Authorization: apiToken $SHIPPABLE_TOKEN" https://api.shippable.com/accounts
{"logType":"warn","methodName":"/accounts|GET|validateAccount|_computeShim","id":2000,"message":"access denied to route: /accounts"}

a-murphy commented 4 years ago

Access to the API is restricted for users without paid subscriptions (documentation). A few routes will work, but not many. However, I'm not sure why you would need an /accounts route for a badge. It looks like the issue you have linked above is trying to call /projects/:projectId/branchRunStatus, which should be possible to call without a token.

HariSekhon commented 4 years ago

@a-murphy

Thanks very much for the feedback.

I have tested /projects/:projectId/branchRunStatus and I can indeed access that without even a token.

Would it be possible to allow free account tokens to access /accounts/:accountId/runStatus? It sort of doesn't make sense to have such limited API access, such as projects but not builds. I've used a lot of hosted CI systems and I don't recall any of the others having such a restricted API as it means personal developers like me can't really properly test out or develop against the system.

Regarding the /accounts route, I had a script to find the account id from the token, for easier use in other scripts, to auto figure it out for other scripts so it would be good if that worked too.
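
An added example, not part of the thread and not Shippable's code: a small Python triage helper that parses the error bodies quoted in the first comment and separates per-route denials from routes that answer normally. The function names, the reading of `methodName` as route|verb|handler stages, and the projects response body are assumptions made for illustration.

```python
import json

# Constructed samples: (request path, response body). The two denial bodies are
# the ones quoted in the thread; the projects body is a constructed stand-in.
SAMPLES = [
    ("/accounts/5672edc90ea38f0d00b020cb/runStatus",
     '{"logType":"warn","methodName":"/accounts/:accountId/runStatus|GET|'
     'validateAccount|_computeShim","id":2000,'
     '"message":"access denied to route: /accounts/:accountId/runStatus"}'),
    ("/accounts",
     '{"logType":"warn","methodName":"/accounts|GET|validateAccount|_computeShim",'
     '"id":2000,"message":"access denied to route: /accounts"}'),
    ("/projects/", '[{"id": "constructed-project-id", "name": "constructed"}]'),
]

DENIED_PREFIX = "access denied to route: "


def classify(body):
    """Return (verdict, detail) for one response body."""
    try:
        doc = json.loads(body)
    except ValueError:
        return ("unparseable", None)
    message = doc.get("message", "") if isinstance(doc, dict) else ""
    if isinstance(message, str) and message.startswith(DENIED_PREFIX):
        # Assumed layout of methodName: route|verb|handler stage|handler stage
        parts = str(doc.get("methodName", "")).split("|")
        return ("route_denied", {
            "route": message[len(DENIED_PREFIX):],
            "verb": parts[1] if len(parts) > 1 else None,
            "stages": parts[2:],
            "error_id": doc.get("id"),
        })
    return ("ok", None)


def summarize(samples):
    """Group request paths by verdict so per-route denials stand out."""
    report = {}
    for path, body in samples:
        verdict, detail = classify(body)
        report.setdefault(verdict, []).append((path, detail))
    return report


def looks_route_scoped(report):
    """Heuristic: some routes answer while others are denied by route."""
    return bool(report.get("ok")) and bool(report.get("route_denied"))
```
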