search

coollabsio / coolify

An open-source & self-hostable Heroku / Netlify / Vercel alternative.
https://coolify.io
Apache License 2.0
33.56k stars 1.82k forks source link

[Bug]: Deploy API "You are not allowed to access the API" unclear message #4099

Closed Nubebuster closed 2 hours ago

Nubebuster commented 3 hours ago

Error Message and Logs

{"success":true,"message":"You are not allowed to access the API."}

Steps to Reproduce

  1. Create an app and go to the webhook section, copy the url
  2. Create an api key at https://coolify.domain.com/security/api-tokens with root access
  3. curl -X POST "https://coolify.domain.com/api/v1/deploy?uuid=uuid&force=false" \ -H "Authorization: Bearer 1|TOKEN"
  4. {"success":true,"message":"You are not allowed to access the API."}

Example Repository URL

No response

Coolify Version

v4.0.0-beta-360

Are you using Coolify Cloud?

No (self-hosted)

Operating System and Version (self-hosted)

Ubuntu 24

Additional Information

No response

Nubebuster commented 3 hours ago

At https://coolify.domain.com/settings you can specify whitelisted ips. The error message is vague. Perhaps better for security, but very annoying.

At https://coolify.domain.com/security/api-tokens there is no indication of this setting at /settings. Maybe the ip whitelist should be moved to or at least be mentioned in the api tokens page.

Nubebuster commented 3 hours ago

Please change the label to Enhancement