Scope details needed for "Get Source Schema by ID" request

Hi All,

I have been trying to access “Get Source Schema by ID”, “Lists the Schemas that exist on the specified Source in IdentityNow” endpoints using postman with scope as “sp:scopes:all”. But I am not able to retrive the data when the grant type is “CLIENT_CREDENTIALS” and see the response code as 403 with error “The server understood the request but refuses to authorize it.”. When I am try with grant type as “AUTHORIZATION_CODE” and same scope I was able to get the response with status code 200.

When I have checked the api documentation for these two endpoints, I do not see the required scope.

So, I want to know this. What should be the scope to access these endpoints? When the grant type is CLIENT_CREDENTIALS and scope is “sp:scopes:all” will it be not possible to review the details?

Looking for a solution to get the details. I would be happy if anyone can share the details.

Thanks,
Uday

The CLIENT_CREDENTIALS grant type does not have a user context, which means it is very limited in the APIs that it can call, regardless of what scopes you assign to it. Most APIs require a user context, which means you will either need a personal access token or use the AUTHORIZATION_CODE grant type.

Thanks Colin. Will check with personal access token once.