Hello,

I'm trying to automate the deletion of extensions in a self-hosted OpenVSX. I tried using the same approach as described here.

However, it seems like this does not work. I also tried using the command how the post mapping from AdminAPI looks like. After inspecting the POST request when deleting an extension from the web interface it appears to only support session-based authentication via browser cookies, not token or query parameters.

When I try to call the endpoint using a token as described in the above mentioned ticket, the request silently redirects to /error, and the deletion does not occur.

Can you please:

• let me know if token-based deletion support has been removed?
• tell me if there still is a way to delete extensions via API for automated pipelines without relying on the web ui?
• let me know if token-based deletion is no longer supported what would be the best approach to achieve this in my case?

Thank you in advance!