From 7c3fcc297d8e5a955d9c0bc4f3ca917854132e8e Mon Sep 17 00:00:00 2001
From: Faizaan pochi <61882064+Faizaanp@users.noreply.github.com>
Date: Wed, 7 Jan 2026 18:22:04 +0530
Subject: [PATCH] fix: allow public memo API access without authentication 
 (#5451)

---
 server/router/api/v1/v1.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/server/router/api/v1/v1.go b/server/router/api/v1/v1.go
index 74b342fa2..834f054fb 100644
--- a/server/router/api/v1/v1.go
+++ b/server/router/api/v1/v1.go
@@ -59,7 +59,7 @@ func (s *APIV1Service) RegisterGateway(ctx context.Context, echoServer *echo.Ech
 			ctx := r.Context()
 
 			// Get the RPC method name from context (set by grpc-gateway after routing)
-			rpcMethod, _ := runtime.RPCMethod(ctx)
+			rpcMethod, ok := runtime.RPCMethod(ctx)
 
 			// Extract credentials from HTTP headers
 			authHeader := r.Header.Get("Authorization")
@@ -67,7 +67,8 @@ func (s *APIV1Service) RegisterGateway(ctx context.Context, echoServer *echo.Ech
 			result := authenticator.Authenticate(ctx, authHeader)
 
 			// Enforce authentication for non-public methods
-			if result == nil && !IsPublicMethod(rpcMethod) {
+			// If rpcMethod cannot be determined, allow through, service layer will handle visibility checks
+			if result == nil && ok && !IsPublicMethod(rpcMethod) {
 				http.Error(w, `{"code": 16, "message": "authentication required"}`, http.StatusUnauthorized)
 				return
 			}