Understanding API Key Scopes #55

mcc-admin-101 · 2025-04-05T08:30:10Z

mcc-admin-101
Apr 5, 2025

Hi folks! I have created a gateway and a group, and I'm successfully uploading files and I see them in the group.

However, I'm using and API Key which has Admin permission. If I create an API Key called "AllExceptAdmin" and give it all permissions except the Admin one, I get a 401 Unauthorized. Doesn't seem right from a least privs perspective?

mcc-admin-101 · 2025-04-05T08:41:53Z

mcc-admin-101
Apr 5, 2025
Author

this is the code I'm using ...

const groupId = process.env.PINATA_GROUP_ID;

const { cid } = await pinata.upload.public
  .json(payload)
  .name(payloadName)
  .group(groupId);
const url = await pinata.gateways.public.convert(cid);

0 replies

stevedylandev · 2025-04-05T13:34:17Z

stevedylandev
Apr 5, 2025

Hey there! You are on the right track; you caught us in a transition phase 🙈 The SDK you're using currently uses the V3 API Routes however our UI is still being updated to provide the new scopes for these routes. If you want to make one now you can do so through the docs here, and as far as what routes fall under what scopes, we have the scopes listed underneath the name of each endpoint.

Apologies for any confusion this might have caused! The App UI should be updated shortly :)

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Pinata

Understanding API Key Scopes #55

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Pinata

Understanding API Key Scopes #55

Uh oh!

mcc-admin-101 Apr 5, 2025

Replies: 2 comments

Uh oh!

mcc-admin-101 Apr 5, 2025 Author

Uh oh!

stevedylandev Apr 5, 2025

mcc-admin-101
Apr 5, 2025

mcc-admin-101
Apr 5, 2025
Author

stevedylandev
Apr 5, 2025