PHP Tracker token_auth for User needs to have superuser, admin or just write permission

(Adrian Ministrator) #1

We use the Matomo PHP-Tracker to track direct downloads and other events.
We are not sure what is correct based on the documentation:

API reference

It is described that admin or super user rights are required.

Some Tracking API functionality requires express authentication, using either the Super User token_auth, or a user with ‘admin’ access to the website.
The following features require access: - force the visitor IP - force the date & time of the tracking requests rather than track for the current datetime

Tracking API

Write access is recommended here.

token_auth — 32 character authorization key used to authenticate the API request. We recommend to create a user specifically for accessing the Tracking API, and give the user only write permission on the website(s).

I think we need write access. Can anyone confirm that (which of the descriptions is correct)?



Tested by myself
Only write permissions necessary