You can test that the policy now works correctly with cURL or Postman.
Issue a GET request to
https://localhost:7443/meme-game/api/v1/users/user.0/answers/1
as user.660
. The following cURL command makes such a
request.
curl --insecure -X GET \
https://localhost:7443/meme-game/api/v1/users/user.0/answers/1 \
-H 'Authorization: Bearer {"active": true, "sub": "user.660"}'
You should get a
200 OK
response with the following
body.{
"data": {
"id": "1",
"type": "answers",
"attributes": {
"url": "https://i.imgflip.com/2fm6x.jpg",
"captions": [
"Still waiting for the bus to Jennie’s"
],
"rating": null,
"created_at": "2020-05-06T22:25:06+00:00"
}
},
"meta": {}
}