Matomo 3.14.1 to 4.0.5 :
We have hundreds of Wordpress websites using Matomo 3.14.1, with a custom plugin displaying an iFrame in dashboard with Widget iframed:
With the update to 4.0.5, we have the error message
"This user has super user access. For embedding widgets super user token auths are not allowed. See our faq for more information."
OK, so the FAQ says:
"And if you are using Matomo 4 or above, and want to be able to use token_auths of users with write or admin access with your iframe URLs, you will have to add the setting: enable_framed_allow_write_admin_token_auth=1 "
But when configured to 1 , enable_framed_allow_write_admin_token_auth doesn't seems to work.
I know it's not recommended, and for new installations we will create special user with view only, but as I said, we don't want to do this for the hundred existing sites.
@jisse44 I just tried to reproduce this. I think it's actually supposed to work like this that it only allows embedding widgets for write and admin access, but never for super user access. Are the websites all using the same user? Would it be easily possible to change that user to an admin maybe?
OK, that is the trick, my user is "super user", not "admin" ...
Is it possible to create and get token for user from console ?
Hi @jisse44 It's currently only possible through the
UsersManager.createAppSpecificTokenAuth API. You could write a bash script that calls the API if that helps?
sorry for the delay, but yes I finally managed migration with a bash script, by getting read only user token_auth in DB before the upgrade.