We have configured JWT virtual proxy to make QRS api calls.
We use a dedicated user that was also used to generate the bearer token.
The users can make almost every call, except a reload for example.
When using POST */app/ID/reload we get FORBIDDEN message.
The solution is an admin role. (rootadmin for example).
The problem is that we don't want to give that user an admin role (because it must be restricted to a limited list of streams and apps for example), we want to know what are the resourcefilters/actions that allows qrs reload api call to work.
I tried everything on the resource filter and actions, and the only one that seems to work is when I put "star" on the resource filter and select the "change role" action ==> which is basically a rootadmin role.
Can someone give me the exact resourcefilter and action that gives necessary privileges to make a POST reload qrs api call please ?