Remove Account API + API Token Scope

What problem are you observing?

delete-account-async | SailPoint Developer Community says scopes: idn:account:remove
image

I can’t seem to find this scope in the list.

With only idn:accounts:manage I got a 403 error.

What is the correct behavior?

Scopes required for this API endpoint (and all other) should be available for selection for the API tokens.

What product feature is this related to?

ISC API

What are the steps to reproduce the issue?

See description.

Do you have any other information about your environment that may help?

No.

Thank you for reporting this. I have opened an engineering ticket (ISCAIM-24250) to fix it. In the meantime, you will have to use sp:scopes:all to use this endpoint, which is understandably not the greatest option.

Thanks for creating the ticket, Colin.
Will this ticket cover all missing scopes, or do we have to create a bug report for each missing scope?

These tickets are usually on a per endpoint basis. If you encounter any other endpoints that have incorrect or missing scopes, please let us know.

I am very sorry to hear that you’re not checking for similar issues as well, as there are many differences, and I find that comparing the two lists is not that complicated.

Would it not be more time efficient (for SailPoint and for us) to fix it completely instead of waiting for the next bug report with the next scope?