varun_verma | 2020-09-21 18:14:24 UTC | #1
We added "integrations" scope to our Org's OAuth Client a long time back. Recently I was doing some testing on our Genesys sandbox account so when I installed the app and it showed that this app has access to View / Edit integrations.
We fetch the token using Code Grant and then using that token we create a Client Credentials Oauth Client. So that client credentials oauth client should have access to APIs where only scope is required and not any permission right ? When I hit the list integrations API I get this error:
{ "message": "You are not authorized to perform the requested action.", "code": "not.authorized", "status": 403, "messageParams": {}, "contextId": "f8281e90-29e1-4c90-adb4-e33099c1e635", "details": [], "errors": [] }
The API I am trying to hit is this which only needs scopes and no permissions. ( /api/v2/integrations)
Let me know if I am missing something because it was working earlier and now it's not working if I don't add Integrations>View permission to the role attached to the OAuth Client.
Thanks
John_Carnell | 2020-09-21 19:45:42 UTC | #2
Hi Varun,
I looked through the logs and this looks like a potential bug. Based on feedback from one of the other evangelist, it looks like you have a service trying to treat the OAuth client id as a user. The service then is trying to lookup that user in our directory and it does not exist.
Can you please open a ticket with our CARE support team and reference this post? This should help get this ticket to the right support team who can work with the development team o resolve the issue.
Thanks
varun_verma | 2020-09-22 04:50:03 UTC | #3
Thank you John. Will do that.
system | 2020-10-23 04:50:09 UTC | #4
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 8874