You can test that the policy now works correctly with cURL or Postman.
-
Issue a GET request to
https://localhost:7443/meme-game/api/v1/users/user.0/answers/1
asuser.660
. The following cURL command makes such a request.curl --insecure -X GET \ https://localhost:7443/meme-game/api/v1/users/user.0/answers/1 \ -H 'Authorization: Bearer {"active": true, "sub": "user.660"}'
You should get a200 OK
response with the following body.{ "data": { "id": "1", "type": "answers", "attributes": { "url": "https://i.imgflip.com/2fm6x.jpg", "captions": [ "Still waiting for the bus to Jennie’s" ], "rating": null, "created_at": "2020-05-06T22:25:06+00:00" } }, "meta": {} }