You can create one per user at the moment, not against changing it to allow multiple per user but there is a simple workaround (of creating api user per api key)
You can create as many user api keys as you want though per user.
Okay. So what do the API docs mean when they say “To become authenticated you will need to create an API Key from the admin panel”? That’s, like, the first step in the documentation.
What it means is that when you start with a brand new install of Discourse you should not have an api key and when you go to the API tab it should look like this:
So you will need to click that key icon to create a system wide api key. I’ll work on improving the docs about how to create a system key and how to make user api keys.
That key most definitely should work, most likely something else was the issue and you might need to provide more info with how you made the api request so that we can help you troubleshoot. Also please check if the content-type was set to form-data.
You will need to hit the /notifications.json endpoint and pass in the user you want notifications for in the api_username field.
Oh, okay. Discourse was installed and setup for me so I didn’t see the step where the admin’s API key was generated.
I switched from application/json to form-data and got a different error, but it looks like I made it past the authentication step.
If I just included an api_key then I got an error that either the key or username was wrong, which makes sense. If I include an api_key and an api_username then I get an error 422 “unprocessable entity” or an error 400 “invalid access” depending on what I put in the api_username field.
What “username” am I supposed to use to identify an account? The user’s profile has two fields called “username” and the only one that’s populated is something that can be edited by the user.
I’m only allowing users to make a Discourse account by using SSO to pull in the account they already made on the Bubble app. There’s an “external ID” that seems to be the user’s unique ID from Bubble.
I tried replacing the api_username field with external_id but got the same “key or username is invalid” error.
I figured.
But there’s only two fields.
I’m confident the api_key is correct, otherwise it would refuse access every time.
So there’s something about the api_username field that is passing authentication but is somehow invalid after that.
It’s not even clear what I’m supposed to put in the api_username field, as I described in the previous post.
I could be off base, but “entity” reminds me of invalid URLs. eg. instead of &param=something it interprets ¶m as an invalid entity. Maybe if you urlencode the ampersand?
