SilverLABS/Website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(developers): use fresh HttpClient for ticket creation to authenticate as applicant
All checks were successful
Build and Deploy / deploy (push) Successful in 41s
Details

Browse Source 
The typed HttpClient has X-API-Key set as a default header, which caused
SilverDESK's MultiAuth policy to route to ApiKey auth instead of Bearer/JWT.
This made tickets owned by the MCP system user instead of the applicant.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
SysAdmin
2026-02-22 22:07:21 +00:00
parent 9cbbd2d4f2
commit 296c7fefc5
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
BlazorApp/Services/DeveloperApplicationService.cs
View File

@@ -81,11 +81,15 @@ public class DeveloperApplicationService
Category = "Developer Program"
};
// Use a fresh HttpClient without the X-API-Key default header so that
// SilverDESK's MultiAuth policy routes to Bearer/JWT auth (the new user's token)
// instead of ApiKey auth (which resolves to the MCP system user).
using var userClient = new HttpClient { BaseAddress = _httpClient.BaseAddress };
var ticketRequest = new HttpRequestMessage(HttpMethod.Post, "/api/tickets");
ticketRequest.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
ticketRequest.Content = JsonContent.Create(ticketPayload);
var ticketResponse = await _httpClient.SendAsync(ticketRequest);
var ticketResponse = await userClient.SendAsync(ticketRequest);
if (!ticketResponse.IsSuccessStatusCode)
{