401 Unauthorized when switching Losant Endpoint Access Control to “Any Authenticated User”

Hi everyone,

I’m running into an issue when changing my Losant endpoint access control from “All public users” to “Any authenticated user.”

I have a simple endpoint: POST /events/add

On my dashboard, I’m using a Custom HTML block with a button that sends a payload: warning_level: 5. See code below.

<div style="display:flex;gap:12px;align-items:center;">
  <button id="sendBtn" style="padding:10px 14px;cursor:pointer;">
    Send Warning Level 5
  </button>
  <span id="status" style="font-family:system-ui, sans-serif;"></span>
</div>

<script>
  const ENDPOINT_URL = "https://xxxxxxx.onlosant.com/events/add";

  const btn = document.getElementById("sendBtn");
  const statusEl = document.getElementById("status");

  btn.addEventListener("click", async () => {
    btn.disabled = true;
    statusEl.textContent = "Sending...";

    try {
      const res = await fetch(ENDPOINT_URL, {
        method: "POST",
        headers: { "Content-Type": "application/json" },
        credentials: "include",
        body: JSON.stringify({ warning_level: 5 })
      });

      const text = await res.text();

      if (!res.ok) {
        statusEl.textContent = `Error ${res.status}: ${text || res.statusText}`;
      } else {
        statusEl.textContent = "✅ Sent: { warning_level: 5 }";
      }
    } catch (err) {
      statusEl.textContent = `Request failed: ${err.message}`;
    } finally {
      btn.disabled = false;
    }
  });
</script>

When access control is set to “All public users”, everything works as expected. The payload is received in the workflow.

When I change it to “Any authenticated user”, I receive: Error 401: {"statusCode":401,"error":"Unauthorized"}. Nothing is received in the workflow.

It appears that the authentication credentials are not being sent (or not recognized) when the endpoint requires authentication. Does anyone know a solution?

Thanks in advance!

See this section of the documentation on Custom HTML Blocks; I’m guessing that is your issue. You will need to adjust the workflow that issues your user token (i.e. your login flow) to set the SameSite cookie policy to “None” to allow the cookie to be included in the request, as well as some minor adjustments to your block code.

Thanks Dylan!

Setting the SameSite policy to None did indeed solve the problem :smiley:
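
The SameSite behaviour behind the fix above, as an added example that is not part of the original thread and is not Losant's code: it models whether a browser attaches a session cookie to the block's `fetch` call. It assumes the block's request is cross-site; the cookie name `authToken` and the sample `Set-Cookie` values are constructed, and a missing SameSite attribute is modelled as Lax.

```javascript
// Added example: models the browser's SameSite decision for one cookie.
// Simplified: ignores Domain/Path matching, expiry and third-party cookie blocking.
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS", "TRACE"]);

// Parse a Set-Cookie header value into the attributes that matter here.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), secure: false, sameSite: null };
  for (const attr of attrs) {
    const [key, value = ""] = attr.split("=").map((s) => s.trim());
    if (key.toLowerCase() === "secure") cookie.secure = true;
    if (key.toLowerCase() === "samesite") cookie.sameSite = value.toLowerCase();
  }
  return cookie;
}

// Decide whether the cookie is attached to a request.
// req: { crossSite, method, topLevelNavigation, https }
function cookieAttached(header, req) {
  const c = parseSetCookie(header);
  if (c.secure && !req.https) return { sent: false, reason: "Secure cookie on non-HTTPS request" };
  // Assumption: a missing or unrecognised SameSite value is treated as Lax (Chromium behaviour).
  const mode = ["strict", "lax", "none"].includes(c.sameSite) ? c.sameSite : "lax";
  if (mode === "none") {
    return c.secure
      ? { sent: true, reason: "SameSite=None; Secure" }
      : { sent: false, reason: "SameSite=None without Secure is rejected" };
  }
  if (!req.crossSite) return { sent: true, reason: "same-site request" };
  if (mode === "lax" && req.topLevelNavigation && SAFE_METHODS.has(req.method)) {
    return { sent: true, reason: "Lax allows safe top-level navigation" };
  }
  return { sent: false, reason: `SameSite=${mode} blocks cross-site ${req.method}` };
}

// Constructed request shape for the dashboard button: a cross-site fetch() POST.
const blockFetch = { crossSite: true, method: "POST", topLevelNavigation: false, https: true };
// Constructed Set-Cookie values; "authToken" is a hypothetical cookie name.
for (const h of [
  "authToken=abc; Path=/; HttpOnly; Secure",
  "authToken=abc; Path=/; HttpOnly; Secure; SameSite=Strict",
  "authToken=abc; Path=/; HttpOnly; SameSite=None",
  "authToken=abc; Path=/; HttpOnly; Secure; SameSite=None",
]) console.log(h, "=>", cookieAttached(h, blockFetch));
```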