/user/profile endpoint throws error for new users #1623
Description
Describe the bug
A fresh CWMS user created upon initial login cannot retrieve their profile through the /user/profile endpoint. It returns an error.
Expected behavior
A freshly-created user would ideally at least be able to view their username, and theoretically an empty roles list (or the single HQ All Users role that currently exists). This enables the user to include their username when requesting permissions.
To Reproduce
Steps to reproduce the behavior:
- Login to CWMS with a new account (so that the system generates a new user)
- Make a GET /user/profile request
- Receive an HTTP 403 error response
Logs/Incident Identifier
Not technically an error, but this is the response body:
{
"message": "Missing roles {Role{name='CWMS Users'}}",
"incidentIdentifier": "6e179fa7-1e9f-4996-aa5e-a6a547dc5789",
"source": "Authorization",
"details": {}
}
CURL Commands
curl -X 'GET' 'http://localhost:8081/cwms-data/user/profile'
CDA Version (please complete the following information):
2026.03.04-develop