I can create a project as a user without having the “administrator” group assigned to me, but if I try to create a project using the API (as the same user), the API gives this error:
“You must have global administrator rights in order to modify projects.”
There’s a previous discussion about this where the answer is that there’s an error in the documentation, but that doesn’t really address the issue.
I don’t think you do or should need the “administrator” privilege just to create a project (and you don’t need it when creating one manually). So it seems that there’s an inconsistency between the permissions you get via API versus as a web interface (cloud) user. And, if I am forced to give the API administrator level access just so it can create projects, this is less secure.
Any advise is appreciated on this. I would like to understand if there is essentially a bug in the way permissioning is working for the API (because it’s different than permission of a user through the web) or if I’m not understanding something myself.
Here’s the API call that I use:
curl -D- -u MYEMAIL:MYAPIKEY -X POST -H “Content-Type: application/json” URLHERE/rest/api/2/project --data ‘{“name”:“testproject8”, “key”:“TP8”, “projectTypeKey”: “business”, “leadAccountId”: “XXXXXXXX”}’