Anytime I access the mercure subscriptions API, I receive a "401 Unauthorized" response.
Publishing and Subscribing to topics works alright - but the subscription API doesn't seem to like my JWT credentials. I don't seem to understand the payload of JWT needed for access.
I tried:
Enable / Disable subscriptions API
I'm running my own mercure docker image with subscriptions enabled: MERCURE_EXTRA_DIRECTIVES: subscriptions
Without that directive, GET requests to /.well-known/mercure/subscriptions return a 404 not found.
With the directive I receive 401 Unauthorized responses:
So I believe it's a permission problem.
Use JWT with subscribe payload signed with MERCURE_SUBSCRIBER_JWT_KEY
{
"mercure": {
"subscribe": [
"//prototype/messages/{channel}"
]
}
}
Use JWT with publish payload signed with MERCURE_PUBLISHER_JWT_KEY
{
"mercure": {
"publish": [
"//prototype/messages/{channel}"
]
}
}
Both Token work for subscribing - respectively publishing to given topics.
Unfortunately, both don't work for accessing the subscription API via GET request:
https://mercure.domain.tld/.well-known/mercure/subscriptions/%2F%2Fprototype%2Fmessages%2F%7Bchannel%7D?authorization=[JWT]
I always receive an 401 Unauthorized response.