Admin-scope token or: How to get hidden objects

[famfop]

Hi, this is probably intended but:

As a administrator I want to run some sync scripts, but if I GET the space endpoint, I get a list of public spaces and my personal spaces. Is there a way to get all spaces, or: is there a way to create an admin-scoped token such that I may access everything?

If not, what would you suggest? I assume there are two possible work-arounds for this:

1. Use some sort of admin bot-account
2. Impersonate a designated space-admin for each space

What would you suggest

[luke-]

@gevorgmansuryan Do you have an idea here?

[famfop]

Hi, is there any update on this?

[gevorgmansuryan]

@famfop you can create admin scope token at Administration -> Modules -> RESTful API -> Configure. Then enable Allow Bearer Authentication, then go to Bearer Auth tab and create token for admin user. With admin bearer token you will be able to see all spaces.

[famfop]

Not sure if I am missing something but the steps you explain are exactly what I did. With that listing all spaces with
GET /api/v1/space does list 13 spaces. which is exactly all spaces (public + my private) that I can see. Instance-wide through the admin page I do see many more.

I did find a work-around by impersonating a user that I know is member of the space in order to get info about that space but I guess some sort of parameter (to restrict to public/private spaces or without parameter list all) would be very helpful. Am I missing something?

[gevorgmansuryan]

@famfop strange. Do you have an access to database?

[famfop]

Sorry, just saw your answer. I could get it. What information do you need?