Mattermost, Inc.

Post API for bot using mattermost-preview docker image returns 401 error

Summary

Calling an API using a bot access token in docker mattermost-preview image (5.12.0) returns 401 Unauthorized even though the bot access token was used.

Steps to reproduce

  • Run command to start up mattermost-preview 5.12.0 server:
    docker run --name mattermost-preview -d --publish 8065:8065 --add-host dockerhost:127.0.0.1 mattermost/mattermost-preview:5.12.0
    
  • Add bot account by enabling Bot Accounts in Intergrations
  • Run the following commands to send a message using bot access token, the <channel-id>, <bot-access-token>, and <mattermost-url> has been replaced with the correct parameters
    curl -i -X POST -H 'Content-Type: application/json' -d '{"channel_id":"<channel-id>", "message":"This is a message from a bot", "props":{"attachments": [{"pretext": "Look some text","text": "This is text"}]}}' -H 'Authorization: Bearer <bot-access-token>' <mattermost-url>/api/v4/posts
    

Expected behavior

I assumed that the message would be posted in the channel that I selected.

Observed behavior

Status 401 Unauthorized was returned from the call and the following json object was outputted

{"id":"api.context.session_expired.app_error","message":"Invalid or expired session, please login again.","detailed_error":"","request_id":"dgg86moskjbm5km7zxo9uerday","status_code":401}

Inside the logs of the docker image the following line was found

{"level":"info","ts":1561294318.9415748,"caller":"mlog/log.go:164","msg":"Invalid session","error":"GetSession: Invalid session token=<bot-access-token>, err=<no value>, "}