BA
Better Auth3w ago
codecret | Software Engineer

403 error when listing user from superadmin role

auth.ts 
 user: {
    deleteUser: {
      enabled: true,
    },
    additionalFields: {
      role: {
        type: ["user", "admin", "superadmin"],
      },
    },
  },
  plugins: [
    username(),
    admin({
      ac: ac,
      roles,
      adminRoles: ["admin", "superadmin"],
      defaultRole: "admin",
    }),
    nextCookies(),
  ],
 user: {
    deleteUser: {
      enabled: true,
    },
    additionalFields: {
      role: {
        type: ["user", "admin", "superadmin"],
      },
    },
  },
  plugins: [
    username(),
    admin({
      ac: ac,
      roles,
      adminRoles: ["admin", "superadmin"],
      defaultRole: "admin",
    }),
    nextCookies(),
  ],
authclient.ts 
export const authClient = createAuthClient({
  baseURL: env.NEXT_PUBLIC_BETTER_AUTH_URL,
  plugins: [
    usernameClient(),
    adminClient({
      ac,
      roles,
      adminRoles: ["admin", "superadmin"],
      defaultRole: "admin",
    }),
    inferAdditionalFields<typeof auth>(),
  ],
});
export const authClient = createAuthClient({
  baseURL: env.NEXT_PUBLIC_BETTER_AUTH_URL,
  plugins: [
    usernameClient(),
    adminClient({
      ac,
      roles,
      adminRoles: ["admin", "superadmin"],
      defaultRole: "admin",
    }),
    inferAdditionalFields<typeof auth>(),
  ],
});
error ? 
 const newData = await auth.api.listUsers({
        query: {
          limit: 10,
          sortBy: "createdAt",
          sortDirection: "desc",
        },
      });
 const newData = await auth.api.listUsers({
        query: {
          limit: 10,
          sortBy: "createdAt",
          sortDirection: "desc",
        },
      });
returning 
 
Error fetching users: [Error [APIError]: ] {
  status: 'UNAUTHORIZED',
  body: undefined,
  headers: {},
  statusCode: 401
}
 
Error fetching users: [Error [APIError]: ] {
  status: 'UNAUTHORIZED',
  body: undefined,
  headers: {},
  statusCode: 401
}
3 Replies
bekacru
bekacru3w ago
you need to pass headers to listUsers
codecret | Software Engineer
codecret | Software EngineerOP2w ago
im not sure if this is the right approach but still same error 
const data = await auth.api.userHasPermission({ // { error: null, success: true }
    body: {
      role: "superadmin",
      permission: {
        user: ["list"],
      },
    },
  });
  async function fetchUsers() { // returning Error fetching users: [Error [APIError]: You are not allowed to list users] 403 
    try {
      const newData = await auth.api.listUsers({
        headers: await headers(),
        query: {
          limit: 10,
          sortBy: "createdAt",
          sortDirection: "desc",
        },
      });
      console.log("Fetched Users:", newData);
    } catch (error) {
      console.error("Error fetching users:", error);
    }
  }

  fetchUsers();
  console.log(data);
const data = await auth.api.userHasPermission({ // { error: null, success: true }
    body: {
      role: "superadmin",
      permission: {
        user: ["list"],
      },
    },
  });
  async function fetchUsers() { // returning Error fetching users: [Error [APIError]: You are not allowed to list users] 403 
    try {
      const newData = await auth.api.listUsers({
        headers: await headers(),
        query: {
          limit: 10,
          sortBy: "createdAt",
          sortDirection: "desc",
        },
      });
      console.log("Fetched Users:", newData);
    } catch (error) {
      console.error("Error fetching users:", error);
    }
  }

  fetchUsers();
  console.log(data);
news?
bekacru
bekacru2w ago
update to beta pnpm i better-auth@beta

Did you find this page helpful?