From a926999b2904f906a9c946bf3dbbd71beb1432d6 Mon Sep 17 00:00:00 2001
From: harimkims <harimkims@gmail.com>
Date: Tue, 21 Dec 2021 22:37:43 +0900
Subject: [PATCH] Fix relations are not populated if API key is read-only

Signed-off-by: harimkims <harimkims@gmail.com>
---
 packages/core/admin/server/strategies/api-token.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/core/admin/server/strategies/api-token.js b/packages/core/admin/server/strategies/api-token.js
index f17cae30b3..e4c6780005 100644
--- a/packages/core/admin/server/strategies/api-token.js
+++ b/packages/core/admin/server/strategies/api-token.js
@@ -60,7 +60,8 @@ const verify = (auth, config) => {
    * scopes. If the route has no scope, then you can't get access to it.
    */
 
-  if (config.scope && config.scope.every(isReadScope)) {
+  const scopes = Array.isArray(config.scope) ? config.scope : [config.scope];
+  if (config.scope && scopes.every(isReadScope)) {
     return;
   }