Some API endpoints returning 403 error code even with all scopes enabled

[jaherron]

Describe the bug
Even when a token has all scopes enabled, some API endpoints result in a 403 Forbidden error.

To Reproduce
Steps to reproduce the behavior:

1. Create an API token and enable all scopes.
2. Using the HTTP requesting tool of your choice, attempt to send a GET request to [Teable URL]/api/space or [Teable URL]/api/base/access/all.

Expected behavior
I expected to see a list of spaces or a list of bases when requesting to those endpoints.

Screenshots

Client (please complete the following information):

• OS: MacOS Sonoma
• Browser: Chrome
• Version: 123.0.6312.124
• HTTP Request tool: Postman

Platform (Please tell us which deployment version you are using)
docker-standalone

[boris-w]

Hello, currently, our token requires specifying the access (space or base). Therefore, these two endpoints do not support token-based access. Since you've chosen a space as your access, you should be aware of your spaceId. Please use this spaceId to access all bases under this space via api/space/:spaceId/base (GET), instead of attempting to access all available bases.

[jaherron]

I'm closing this issue since it's old and I've been writing some scripts that use the API successfully.