Hello,
When using Rest API with Client Credentials grant type to return list of saved searches, a 403 Forbidden message is being returned.
Where do we find the permissions settings to allow the API requests to be returned for saved searches? Is it the user that created the client ID and secret?
Other API end-point requests i.e accounts, public-identities are all working as expected.
Many thanks,
Sam
I’m sorry for the confusion. Our endpoints are supposed to document the authorities needed to call the endpoint, but that information is missing from our search API. Many of our APIs require a specific user authority, like ORG_ADMIN or CERT_ADMIN, to call the endpoint. A full list can be found here. Tokens that are generated from Client Credentials have no user context, and therefore can only call APIs that don’t require a user authority.
In order to call the search API, you will need to generate a token with a user context, specifically for a user that has one of the authorities listed in the link I shared above. The easiest way to do this is to generate a Personal Access Token, but you can also use the Authorization Code grant type.