I am triggering a project filesystem scan from GitHub Actions. The network path, HTTPS protocol, and header syntax (X-Ignition-API-Token) are working perfectly, but the gateway returns an HTTP 403 Forbidden. The request is successfully reaching Ignition, but the gateway is explicitly denying permission.
The Root Blocker:
- My API Key is mapped to a custom security level:
Authenticated/API_RW. - Because Ignition 8.3 blocks assigning built-in user roles (like
Roles/Administrator) directly to API Keys, my token lacks the administrative privileges needed to touch disk-level system paths.
Question :
My API key is getting rejected with a 403 Forbidden error on the POST /data/api/v1/scan/projects route. Because Ignition 8.3 blocks assigning built-in user roles (like Roles/Administrator) directly to API Keys, my token is stuck with a custom security level (Authenticated/API_RW). Which specific Service Security Policy or internal gateway configuration governs this Git-scan endpoint so I can explicitly authorize API_RW to trigger it?
