We have noticed that some workflow actions and APIs work only when there’s a PAT associated with the user e.g. Disable accounts API
In these cases, the access token generated via OAuth Client credentials that are generated in Global → API Management, do not work. (Even though both PAT and Client credentials have the same scopes assigned)
Can someone help in understanding what’s the difference and how to identify that in the docs?
Could you please confirm whether the Disable Account step that failed in the workflow is an HTTP Operation rather than an Action step?
Workflows use the workflow owner’s access token scope to execute action operations.
Thanks!
Look for clues like “executed as user” or error messages about authorization when using OAuth — that’s usually your sign PAT is required.
Take a look at the below thread for reference. The OAuth client credentials does not have a user context and is advisable to use the PAT for the workflow actions as the ISC API’s expect a user context.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.