Summary
Calling an API using a bot access token in docker mattermost-preview image (5.12.0) returns 401 Unauthorized even though the bot access token was used.
Steps to reproduce
- Run command to start up mattermost-preview 5.12.0 server:
docker run --name mattermost-preview -d --publish 8065:8065 --add-host dockerhost:127.0.0.1 mattermost/mattermost-preview:5.12.0 - Add bot account by enabling
Bot AccountsinIntergrations - Run the following commands to send a message using bot access token, the
<channel-id>,<bot-access-token>, and<mattermost-url>has been replaced with the correct parameterscurl -i -X POST -H 'Content-Type: application/json' -d '{"channel_id":"<channel-id>", "message":"This is a message from a bot", "props":{"attachments": [{"pretext": "Look some text","text": "This is text"}]}}' -H 'Authorization: Bearer <bot-access-token>' <mattermost-url>/api/v4/posts
Expected behavior
I assumed that the message would be posted in the channel that I selected.
Observed behavior
Status 401 Unauthorized was returned from the call and the following json object was outputted
{"id":"api.context.session_expired.app_error","message":"Invalid or expired session, please login again.","detailed_error":"","request_id":"dgg86moskjbm5km7zxo9uerday","status_code":401}
Inside the logs of the docker image the following line was found
{"level":"info","ts":1561294318.9415748,"caller":"mlog/log.go:164","msg":"Invalid session","error":"GetSession: Invalid session token=<bot-access-token>, err=<no value>, "}
