Listing Identities

dspencer_anaqua · October 1, 2025, 9:45pm

Greetings,

Just getting going with the ISC APIS, and running into an issue listing all of the Identities in our dev Tenant:

Given the following request ( Derived from Postman Request )

curl --location ‘https://[TENANT PORTION].api.identitynow-demo.com/v2025/identities?limit=250&offset=0’ \

--header ‘Accept: application/json’ \

--header ‘Authorization: ••••••’

Receiving the following response:

`"detailCode": "403 Forbidden",`

"trackingId": "0a3fe85b98ce4bff8eeb73397d502fb9",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
},
{
"locale": "und",
"localeOrigin": "REQUEST",
"text": "The server understood the request but refuses to authorize it."
}
],
"causes": []

In terms of our general setup, I am have an API Client with the following scopes defined:

idn:identity:read,sp:scopes:all,idn:identity:manage

We are able to pull retrieve Accounts, using the Accounts List endpoint, as well as getting detailed information, using the Account Details endpoint.

Looking for a little guidance on the proper request, or anything that we may be missing here.

markomanium · October 1, 2025, 10:19pm

Hello @dspencer_anaqua, Could you maybe check if Your case is related to this? API read scopes - 403 forbidden error - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community

sita_ram · October 2, 2025, 4:37am

Switch to a Personal Access Token (PAT) instead:

Go to your profile → Preferences → Personal Access Tokens
Create a new PAT with the same scopes (idn:identity:read, idn:identity:manage, or just sp:scopes:all)
Make sure the user creating the PAT has ORG_ADMIN or appropriate user level permissions
Use the PAT’s client ID/secret to authenticate—it works exactly like client credentials but carries the user context

The difference:

Client credentials = no user context.
PAT = tied to the user who created it.

Many ISC APIs require that user context for authorization, which is why Accounts endpoints work but Identities doesn’t.

Hope this helps.

dspencer_anaqua · October 2, 2025, 1:04pm

@sita_ram Thank you for the clarification. I, had created the PAT previously, but must have gotten lost in the shuffle was I was coming up to speed on the platform. All is good now!

sita_ram · October 2, 2025, 1:49pm

Great! Please mark this as the solution so it can help other developers. Thanks.

Topic		Replies	Views
403 Forbidden error in API call ISC Discussion and Questions apis , identity-security-cloud	5	130	November 27, 2025
API read scopes - 403 forbidden error ISC Discussion and Questions apis , identity-security-cloud	7	3920	December 11, 2023
Problem with token creation ISC Discussion and Questions identity-security-cloud	4	155	June 7, 2025
API Scopes Not Working Broken Feature ISC Discussion and Questions apis , identity-security-cloud	12	449	August 31, 2024
API Authentication for service-desk-integrations ISC Discussion and Questions apis , identity-security-cloud	5	391	December 19, 2023

Listing Identities

Related topics