Can't get file access permission for AuthenticatedUser working

I’m logged into my app. The app is accessing and displaying an image file. To display the image, I’m using the “Source URL Logic”-binding in UI Builder.

The image is displayed correctly when using the following permissions for this file:

Now, I want to restrict the access to the image to AuthenticatedUser. Therefore, I’m setting the red cross for “NotAuthenticatedUser”:

The effect is however, that the image is not read-in by the application, although I’m working with a logged-in user, which should still have read access.

Browser Dev-Tools are showing the error

GET https://eu.backendlessappcontent.com/.../files/web/images/users/E286E473-5C42-4DC8-A533-564E6BA4B965/recipe-placeholder.jpg 400 (Bad Request)

Am I doing something wrong here?

Could you please create a test account for us and share the credentials as well as the link for the login page so we can experience the error on our side?

Hi @mark-piller ,
Is it possible to share such (and more) details via email with you?
Regards,

Sure. please send an email to support@backendless.com with the requested information and a link to this topic.

Email has been sent.
Regards

Hello @Klaas_Klever

Thank you for the information provided. We already have an internal ticket BKNDLSS-23971 for this problem. I have raised the priority for this ticket. As soon as the fix is available, we will let you know.

Regards,
Inna

Any news for this?
Thanks

Hi Klass,

A logged in user is identified either by the user-token HTTP header or a cookie. The problem with the cookie approach (when it comes to fetching files) is the cookie is set for the eu-api.backendless.com domain and doesn’t apply to eu.backendlessappcontent.com. A workaround can be adding a custom domain to your app and then using it for both login API and to fetch files. It would be important to enable cookie-based authorization for the app (Users > Login section in console). Would that approach work for you?

Regards,
Mark