Admin key API calls to CQL search API doesn't return restricted content

XMLWordPrintable

    • Severity 3 - Minor

      Issue Summary

      This is reproducible on Data Center: (no)

      Admin key API calls to /wiki/search doens't return restricted content.

      Steps to Reproduce

      1. create a restricted page in a space
      2. using admin key API enable admin key for a site-admin
      3. using admin key make a `/wiki/search` call 
        curl --location 'https://sitename.atlassian.net/wiki/rest/api/search?cql=space=<spacke_key>' \
--header 'Accept: application/json' \
--header 'Atl-Confluence-With-Admin-Key: true' \
--user $EMAIL:$API_TOKEN

      Expected Results

      Since we're using admin key feature, the search should return restricted pages in the space

      Actual Results

      The search only returns pages that the user has access to, despite using admin key

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            Assignee:
            Unassigned
            Reporter:
            Nashid Farhad
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: