Simplify your stack and build anything. Or everything.
Schedule a Demo
USE CASES
Headless CMSEnterprise App BuilderHeadless E-CommerceDigital Asset Management
FEATURES
Multi-TenancyWhite LabelLocalizationAccess ControlAuth
CASE STUDIES

See what others are building with Payload.

Browse Case Studies
Build tomorrow’s web with a modern solution you truly own.
PAYLOAD IS FOR
DevelopersMarketing teamsEnterprise companiesAgencies & Consultancies
COMPARE PAYLOAD
Payload vs WordPressPayload vs ContentfulPayload vs SanityPayload vs StrapiPayload vs Directus
AGENCY TESTIMONIAL

"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."

Become a PartnerFind a Partner
Code-based nature means you can build on top of it to power anything.
Resources
DocumentationExamplesTemplatesGitHubReleasesBlog
Community
RoadmapDiscordCommunity Help
Payload Cloud

Deploy your entire stack in one place with Payload Cloud.

LoginCloud Pricing
It’s time to take back your content infrastructure.
Schedule a Demo
Enterprise Features
SSOAI Auto-EmbeddingPublishing WorkflowsVisual EditorStatic A/B testingAI features
Customer Stories
MicrosoftASICSBlue OriginHello BelloTekton
Featured Customer Story

Microsoft chose Payload to tell the world about AI.

Read the case studyBrowse all
LoginGet Started
Community Help

API works in browser but throws 403 on Postman

default discord avatar
kaspartr7 months ago
1

I'm attempting to use the REST API outside of the browser but there are many questions.


1. How do you use the User's API-KEY in the authorization header? There is no documentation on that.


2. Every request from Postman returns 403: Forbidden even through the same request work in the browser there the same user is logged in. It doesn't even seem to reach API key authentication and is immediate.



I there proper documentation on how to actually use the API which seems to be an important feature of PayloadCMS?



I would like to use the User API key shown in the admin dashboard.



I tried this but also have 403 immediately.



I see, yes that works finally.

  • default discord avatar
    minsomai10 months ago
     headers: {
      Authorization: `JWT ${token}`,
    }
  });

    @567578449439621124



    replace token with the one your received from login endpoint.





    for those API keys, header value is different



    const response = await fetch('http://localhost:3000/api/pages', {
  headers: {
    Authorization: `users API-Key ${YOUR_API_KEY}`,
  },
})


    https://payloadcms.com/docs/authentication/config
Open

Continue the discussion in Discord

Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get dedicated engineering support directly from the Payload team.