add allowlist

sentaur-athena · sentaur-athena · commit c799aab4f449 · 2024-11-25T13:19:00.000-08:00
diff --git a/src/sentry/api/authentication.py b/src/sentry/api/authentication.py
@@ -443,9 +443,11 @@ def authenticate_token(self, request: Request, token_str: str) -> tuple[Any, Any
                         raise AuthenticationFailed("Unauthorized organization access.")
                 else:
                     # We want to limit org scoped tokens access to org level endpoints only
-                    raise AuthenticationFailed(
-                        "This token access is limited to organization endpoints."
-                    )
+                    # Or none org level endpoints that we added special treatments for
+                    if resolved_url.url_name not in ["sentry-api-0-organizations"]:
+                        raise AuthenticationFailed(
+                            "This token access is limited to organization endpoints."
+                        )
             else:
                 sentry_sdk.capture_message(
                     "Could not resolve organization for organization scoped token", level="warning"
