Hi ,
We are currently developing a Ruby script that performs various API calls, including retrieving the identity list, creating and updating sources, and updating schemas, and others. However, we’ve encountered an issue with access token generation across these scenarios.
Although we have generated a Personal Access Token (PAT) with the scope set to sp:scopes:all, we are still experiencing 403 Forbidden errors for several API calls. Given that different API calls require different scopes, we are seeking your guidance on how to generate an access token that would work seamlessly for all the API calls we need to perform.
Any insights or suggestions you could provide would be greatly appreciated.
User level permissions with which the PAT is created.
If ‘sp:scopes:all’ is not feasible or returns limited access,break down the token generation process and specify individual scopes needed for the different types of API calls, such as below, and test it to see if that works.
For the Identity you have used to generate token, please ensure that it have the right Privilege inside SailPoint. (For eg: the identity have Role Admin, Admin, Source Admin privilege added as per requirement based on requirement)
Please assign this permission inside the identity and check again.