Update README.md
Browse files
README.md
CHANGED
|
@@ -40,24 +40,10 @@ If a user has access to a model through a resource group, but their fine-grained
|
|
| 40 |
|
| 41 |
### 4. Test the Token
|
| 42 |
1. Use the API Playground (https://huggingface.co/spaces/enzostvs/hub-api-playground)
|
| 43 |
-
2. Set up a POST request to `/api/repos/create
|
| 44 |
-
3. Add your fine-grained token in Headers
|
| 45 |
-
4.
|
| 46 |
-
|
| 47 |
-
{
|
| 48 |
-
"repo_id": "YOUR_ORG/token-test-model",
|
| 49 |
-
"repo_type": "model",
|
| 50 |
-
"commit_message": "Testing token permissions",
|
| 51 |
-
"operations": [
|
| 52 |
-
{
|
| 53 |
-
"operation": "create",
|
| 54 |
-
"path": "test.txt",
|
| 55 |
-
"content": "This is a permission test"
|
| 56 |
-
}
|
| 57 |
-
]
|
| 58 |
-
}
|
| 59 |
-
```
|
| 60 |
-
5. Send the request - it should fail with a permission error
|
| 61 |
|
| 62 |
## Expected Result
|
| 63 |
The request will fail despite your user having access to the model through the resource group. This demonstrates that fine-grained tokens require explicit permissions, regardless of resource group access.
|
|
|
|
| 40 |
|
| 41 |
### 4. Test the Token
|
| 42 |
1. Use the API Playground (https://huggingface.co/spaces/enzostvs/hub-api-playground)
|
| 43 |
+
2. Set up a POST request to `/api/repos/create`
|
| 44 |
+
3. Add your fine-grained token code in the Headers / Authorization section (the code you copied)
|
| 45 |
+
4. In the BODY section: Type: model Name: whatever_you_want Organization: name_of_your_org (don't worry about Sdk)
|
| 46 |
+
6. Send the request - it should fail with a permission error
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 47 |
|
| 48 |
## Expected Result
|
| 49 |
The request will fail despite your user having access to the model through the resource group. This demonstrates that fine-grained tokens require explicit permissions, regardless of resource group access.
|