Legacy Dev Forum Posts

 View Only

Sign Up

Back to discussions
Expand all | Collapse all

Issue on Authorization Roles request

  • 1.  Issue on Authorization Roles request

    Posted 06-05-2025 18:16

    matt22 | 2020-04-09 15:11:06 UTC | #1

    Hi every one.

    I've got an issue on API. I'm trying to request : https://api.mypurecloud.de/api/v2/api/v2/authorization/roles?pageSize=100

    From Developer Tools : No problem From Postman : 403 ERROR (the Oauth is a client Credential with Master Admin role on all Divisions)

    But with same authentication (Oauth 2.0) For https://api.mypurecloud.de/api/v2/users?pageSize=100&pageNumber=2

    From Postman : OK

    And i know that 3 month ago it worked ! Do you know why ?

    Thank you for help

    tim.smith | 2020-04-09 18:13:24 UTC | #2

    matt22, post:1, topic:7516
    From Postman : 403 ERROR

    A 403 response means that the user is authenticated, but lacks permission to access the resource. The response body usually indicates the permission or condition causing the 403. Can you share the response body and the correlation ID?

    crespino | 2020-04-09 20:05:44 UTC | #3

    For a Client Credentials Grant OAuth client you have to select a role that will be assigned to that application. Is it possible that the role assigned doesn't have the permissions to call /api/v2/authorization/roles? The role would have to have the 'authorization:role:view' assigned.

    I believe that Fine Grained Access Control (FGAC) was enabled just about 3 months ago, which is probably why this worked for you previously but not now: https://developer.mypurecloud.com/api/rest/v2/authorization/fgac.html

    matt22 | 2020-04-09 20:29:51 UTC | #4

    Thank you for your help.

    I just check and the role have 'Role:View' on 'All Division' so should be OK. Here the content of the response :

    <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <TITLE>ERROR: The request could not be satisfied</TITLE> </HEAD>

    <BODY> <H1>403 ERROR</H1> <H2>The request could not be satisfied.</H2> <HR noshade size="1px"> Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. <BR clear="all"> If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation. <BR clear="all"> <HR noshade size="1px"> <PRE>

    tim.smith | 2020-04-09 20:54:56 UTC | #5

    Typo in your path: /api/v2/api/v2/.... GET /api/v2/authorization/roles

    matt22 | 2020-04-10 06:31:28 UTC | #6

    Sorry, wrong copy/paste

    But my request is

    or

    And same response 403.

    crespino | 2020-04-10 17:01:11 UTC | #7

    So if you are using Postman, are you using the built-in OAuth Authentication mechanism, or are you calling the Authorization endpoint to get an access token and then manually adding an HTTP Authentication header with a value of "bearer token"?

    crespino | 2020-04-10 17:29:07 UTC | #8

    I just confirmed that in the mypurecloud.de region, I was able to use Postman to get roles using: https://api.mypurecloud.de/api/v2/authorization/roles?pageSize=100

    I used both the built-in Postman OAuth 2.0 Client Credentials mechanism and simply sending an /oauth/token request and manually using the returned access token.

    Note that I did assign the built-in 'admin' role to my OAuth client in Admin which I confirmed does contain the proper permissions:

    matt22 | 2020-04-15 06:13:50 UTC | #9

    Ok, thank you for your test.

    Can't find my error.... Even with the same credential as my C# Code, it works on C# but not on PostMan. Same 403 Error on Role/Queues users. But works for user list.

    Do not understand. Don't know if you have log access. But here, one off my request ID 6Z4rp4sL2MFyD2fnX7L0qrLqSnAnyPuoxYDGm_H5G8g0ks9CFaO7pA==

    Thanks for help

    tim.smith | 2020-04-15 12:50:14 UTC | #10

    Can you provide a screenshot of the entire postman application showing both the request configuration and the response headers? That is not a Genesys correlation ID for the request. The request is making it to cloudfront (where the request ID is from), but the request isn't able to be routed to the Genesys cloud services.

    matt22 | 2020-04-16 06:20:43 UTC | #11

    Thank you so much for your help.

    here the print

    And for this one, i have used the same Oauth client than the one i use on a C# program that works fine on it. Even for Roles.

    Thank you

    Jerome.Saint-Marc | 2020-04-16 07:03:28 UTC | #12

    Hello,

    Please avoid showing access tokens, or clientId/secret when you post something on the forum. This is for the security of your org (in case the access token you are showing is still valid...).

    Regarding your issue - just a guess as I see a green bullet icon next to your Body (in the tabs below the GET - Params, Authorization, Headers, Body, Pre-request script, Tests, Settings). As you are making a GET request, make sure that Body is set to "none" (in case you started from a POST/PUT/PATCH request and modified it into a GET - without changing Body from "raw" to "none").

    Regards,

    matt22 | 2020-04-16 08:13:59 UTC | #13

    Thank you Jerome, But the token is not complete ...

    Thank you, i didn't note that before, in fact it was Postman that added "granttype=clientcredentials" on Body... don't know why.

    Thank you it seems to work now ! Have a good day

    system | 2020-05-17 08:13:59 UTC | #14

    This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.

    This post was migrated from the old Developer Forum.

    ref: 7516



Related Content