List Requestable Objects Forbidden Errors

I’m calling the /v3/requestable-objects API via an authCode based flow with the scopes set to sp:scopes:default.

The integration as the user is calling /v3/requestable-objects?identity-id=me but is getting a 403 back. The documentation says the following:

Any authenticated token can call this endpoint to see their requestable access items.

Any thoughts on why I would be returned a 403 forbidden error for this?

@adunker

If I used the scope as sp:scopes:default, I got the same response as you did. I tried a number of combinations and found that idn:requestable-objects:read would provide a response for the user when they had no other scopes set. I think this is a documentation error.

Alicia

2 Likes

Yup - that resolved it for me.

1 Like