API Key Permissions for Knowledge Base API in Local Environment (v1.1.3) - 401 Error

[WNASHU]

Self Checks

• I have searched for existing issues search for existing issues, including closed ones.
• I confirm that I am using English to submit this report (我已阅读并同意 Language Policy).
• [FOR CHINESE USERS] 请务必使用英文提交 Issue，否则会被关闭。谢谢！:)
• Please do not modify this template :) and fill in all the required fields.

Content

Hello Dify Community,
I'm trying to use the Knowledge Base API in a local Dify environment (v1.1.3 deployed via Docker Compose)
but am consistently getting a 401 Unauthorized (Invalid token.) error and am stuck.
I strongly suspect the issue is related to API key permissions, and I'm hoping someone here can offer some guidance.

【Current Situation:】

• Goal: Use the Knowledge Base API (likely via /console/api/datasets/...) from a Python script to synchronize documents.
• API Key: Using the key (format dataset-...) displayed in the "API ACCESS" section of the knowledge base settings.
• Auth Header: Using Authorization: Bearer {API_KEY}.
• API Path: Based on Nginx config and internal route discovery, /console/api/datasets/... seems the most likely path, which is currently configured.
• Error: Testing directly with curl (e.g., GET /console/api/datasets/{dataset_id}/documents) also results in the same 401 Unauthorized (Invalid token.). This leads me to believe the issue is not with my Python script.
• Cloud Comparison: A similar script works perfectly fine with Dify Cloud (using the correct cloud key and URL).

【Core Question:】
For Dify v1.1.3 in a local deployment, is there a way to grant or verify permissions (read, write, etc.) for a Knowledge Base API key (dataset-... format) for a specific knowledge base (dataset)?
In the admin UI, I can only see the list of API keys with their creation/last used dates. I cannot find any options related to setting or viewing permissions for these keys. I suspect this lack of visible permission control might be the root cause of the 401 error.

Could anyone clarify how API key permissions are handled for knowledge bases in the local v1.1.3 environment? Is there a specific procedure to set/check them, or are they supposed to have full permissions by default?
Any help or pointers would be greatly appreciated!

Thank you!

[dosubot[bot]]

I found a similar unsolved discussion that might be helpful:

• an error when accessing the KB API

This thread discusses issues related to accessing the Knowledge Base API, which may provide insights into your 401 Unauthorized error.

[Bhawna07]

@WNASHU @dosubot Can you help me? I want to use a PostgreSQL database as an external database through endpoints. Is that possible?

[jasonfish568]

I would suggest you provide your request data(e.g Postman sample) that we can see more clearly what you encountered.

Upon improving the KB API endpoints, I did not see any the view/write permission settings and I don't think that has any priority in the development roadmap.

Please keep in mind that KB and Chatbot use different API keys and have different architect in terms of implementation and authentication.

Our team has been successfully integrating with Dify backend service both in docker compose and standalone backend.