Like what we’re doing? Star us on GitHub!

"You are not allowed to access this page." - on Admin

12 months ago
1 4

I keep getting "You are not allowed to access this page." just after logging in.

I've managed to deploy PayloadCMS to heroku (YAY!) and:

  • the license is checked for the domain (
  • Admin email is exactly the one privided for the license (i did changed it tho, but then changed it back)
  • double checked the ENV variables. License key is there.
  • license: process.env.PAYLOAD_LICENSE_KEY, is present in the "init" section of config.
  • Same credentials work on localhost.

What am I missing here?

  • quornik
    12 months ago

    OK I FIGURED IT OUT <{facepalm}>
    The crucial part is: Dear oerthinking developer (that's me ) Please do change "serverUrl" to the domain you are actually deploying to.

    This was like very disutrbing for me: I assumed that since we have the installation working via nginx, and since we do need to have it hosted both locally and on production, the idea to hardcode this "http://localhost:3000" to the config is ok, and the actual switching of the final url is happening on nginx level. Turns out I was very wrong. I was looking on those simple http requests on console, and the first was always to the domain, and the rest - admin api calls - were to the localhost.

    It works fine now.

    2 replies
  • denolfe
    Payload Team
    12 months ago

    Awesome, glad you were able to figure it out! đź‘Ť

  • DanRibbens
    Payload Team
    12 months ago

    @quornik thanks for the update details for others to see.
    An interesting note, currently in beta the serverURL is not required, Payload will start without it and use relative paths for all admin UI API calls. The serverURL will be optional in the next 0.15.x release.


  • denolfe
    Payload Team
    12 months ago

    Hey @quornik, I can help you out here.

    I see your license in our system. It looks like we haven't received any licensing requests for that particular domain or email, which is likely why your admin panel is giving you this response.

    Can you verify in your Dev Tools that when you reload your admin panel that a request goes out to and is sending your key and email accordingly?

    Worth noting that we don't validate licensing when you're running on localhost, so that isn't an indication that licensing is configured correctly or incorrectly.

  • quornik
    12 months ago

    Hey @denolfe , thanks for Your reply.
    Unfortunely I can confirm that this request does not happen, any idea why?
    The API routes are working as expected, I just can't log in to the admin panel while hosted on heroku.

    I've mentioned the localhost, to avoid questions like "is Your password correct?" :D

    To actually deploy to heroku, I needed to slightly modify server.js.

    instead of:
    I did put:
    app.listen(process.env.PORT || 3000);

    also in package.json I needed to duplicate "serve" script command and change the duplicate to "start" so Heroku recognizes the start command. And While at it, I did move all devDependencies besiede nodemon to dependencies.

    Have any idea what am I doing wrong? :)

  • quornik
    12 months ago

    Just to make something for the community out of this, I wrote simple guide covering the non standard, Heroku specific approach to deployment: #473

    Hope You'll find it helpful.

    Cheers also!

Open the post
Continue the discussion in GitHub
Can't find what you're looking for?
Get help straight from the Payload team with an Enterprise License.Learn More