Permission to assets files denied as an admin user

jee · May 24, 2025, 3:25pm

Hi,
I ran into this strange bug where I couldn’t access any assets i mean files are not displayed (accessing to collection was ok), even when logged in as the admin user.

At first, I thought it was an S3 storage issue, but everything looks fine on that side. Then I suspected Redis, but I didn’t see any errors there either.

The only error I found was in the Directus container logs:

[16:55:33.671] DEBUG: You don't have permission to access this.

    err: {
      "type": "",
      "message": "You don't have permission to access this.",
      "stack":
          DirectusError: You don't have permission to access this.
              at AssetsService.getAsset (file:///directus/node_modules/.pnpm/@directus+api@file+api_@types+node@22.13.8_@unhead+vue@1.11.20_vue@3.5.13_typescript@5.8.2____jigekj2vspo2admkgggvl64evi/node_modules/@directus/api/dist/services/assets.js:56:19)
              at async file:///directus/node_modules/.pnpm/@directus+api@file+api_@types+node@22.13.8_@unhead+vue@1.11.20_vue@3.5.13_typescript@5.8.2____jigekj2vspo2admkgggvl64evi/node_modules/@directus/api/dist/controllers/assets.js:154:36
      "name": "DirectusError",
      "code": "FORBIDDEN",
      "status": 403
    }

[16:55:33] GET /assets/a77752fd-1e05-4a25-b4f0-12df09f3f856?key=system-medium-cover 403 15.1s

I had to restart my stack, and now everything works fine again.
I’m still trying to figure out what went wrong to avoid this in the future.

Docker Swarm Setup :

Directus 11.7.2 official image directus/directus:11.7.2
Postgres postgis/postgis:17-master
Redis registry.redict.io/redict:7-alpine
Hetzner Object Storage (S3-compatible)

If you have any thoughts or ideas on what could have caused this, I’d appreciate the help!

bryantgillespie · June 14, 2025, 2:29pm

I’m assuming you were trying to access these within the App Studio. But any other details you have could be helpful.

Most of the time when I see this sort of stuff, it ends up being like a CORS issue or some type of configuration that I’ve got wrong with the file service.

A few things to check:

CORS Configuration - Make sure your CORS_ENABLED and CORS_ORIGIN environment variables are set correctly
File Service Settings - Double check your storage adapter configuration (local, S3, etc.)
- Files | Directus Docs
Public URL - Verify your PUBLIC_URL environment variable matches your actual domain

If you’re operating within Swarm, then it certainly could be a Redis issue. So you might want to check the configuration there as well.

If you can share more details about your setup (hosting environment, storage config, etc.) that would help narrow it down.

Topic		Replies	Views
How to read the contents of an uploaded file within a Flow Help	1	26	May 17, 2025
I'm running Directus on Heroku, but my uploaded assets keep disappearing after a while. Any idea why this is happening? Help hosting , asset-management	1	30	May 12, 2025
Error " [INVALID_FOREIGN_KEY] Invalid foreign key." uploading files Help	1	10	June 14, 2025
Deleting users who have uploaded an asset Help	1	17	June 6, 2025
CORS issue when developing in local Help api	1	70	April 30, 2025

Permission to assets files denied as an admin user

Related topics