(Beginner) Single entry read permission

Hi :wave:

To get on the point, I am having difficulties understanding how UI permissions work.
I created an user and assigned it to the “moderator” group. Took its api key and I am able to list the collection via REST (fetch in javascript). But I cannot fetch a single entry as it throws me 401.

I’ve created config/config.yaml with content:

groups:
  moderator:
    admin: false
    cockpit:
      accounts: false
      finder: false
      rest: false
      info: false
      unlockresources: false
      webhooks: false
      backend: false
    collections:
      create: false
      delete: false
      manage: false
    posts:
      entries_create: true
      entries_view: true
      entries_edit: true
      entries_delete: false
  • moderator is group
  • posts - is the collection to manage

and have this on UI side:

Initially everything is off (red toggle - which is OK) and I don’t have additional scripts in any of the fields below (for read, create, etc.).
Now, If I turn on View Entries in group (like on screenshot) I still cannot get a single entry data from api… at least not until I turn on the same option in “Public” section (which I don’t want). How can I solve this?

Thanks in advace <3

When you are using the groups addon you don’t need to do manual changes to the config.yaml.

Everything according to groups can be done directly through the UI

I reinstalled the add-on and cleared the config.yaml (now is empty), but still having the same issue. I am really getting frustrated for not being able to resolve this :frowning:
Moderator has the access rights for entries in this collection.

For not being able to upload screenshots in comment, posting text version:

Settings -> Groups -> Moderator -> Edit
Generic     - All OFF
Cockpit     - All OFF
Collections - All OFF
Singletons  - All OFF
Forms       - All OFF

Collections -> (collection -> Edit) -> Permissions
Public
  Collection  - All OFF
  Entries     - All OFF
Moderator
  Edit collection - All OFF
  Entries
    View   - ON
    Edit   - ON
    Create - ON
    Delete - OFF

Response Code / API endpoint
200 → http://localhost:3000/api/collections/entries/<COLLECTION_NAME>
401 → http://localhost:3000/api/collections/entry/<COLLECTION_NAME>/<ID>

Never mind. I migrated to strapijs.