rusackas commented on issue #25740: URL: https://github.com/apache/superset/issues/25740#issuecomment-4043446079
The `/api/me/roles` endpoint is a Flask-AppBuilder view endpoint, not a REST API endpoint — it relies on session cookie authentication rather than Bearer token auth, which is why it returns 401 when called with only a Bearer token header. For embedded dashboard use cases, the correct approach is to use a guest token (not a Bearer token) and ensure `GUEST_ROLE_NAME` and `PUBLIC_ROLE_LIKE` are configured in `superset_config.py`. Several reporters above resolved their issues this way. If you are encountering this with OAuth/Keycloak and Bearer tokens for the REST API (not embedding), that may be a separate issue — please open a new focused issue with your auth configuration details. This issue has been open for over two years and has not seen any activity in approximately 5.5 months. Closing as a configuration question. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
