Is it possible to update (PATCH) the scope for a PAT that belongs to another user? (i.e. not your own PAT ID, but another)
I tried, but I get 403 Forbidden. “The server understood the request but refuses to authorize it.”
Note:I can successfully DELETE a PAT that belongs to another user. So if it is a permissions issue, it is weird that I can delete a PAT but not edit its scopes.
Thanks for your response.
I have scope sp:scopes:all and my user level is Admin, so I would have thought that sufficient.
I tried adding the scopes you mentioned, but still getting same error.
Admin user can’t modify a particular user PAT scope. only same user can be able to modify their scopes. if that user tenant access level admin or user.
@jrossicare , a user can update the PAT scope only for self, as you are the admin too. Also the scope - sp:my-personal-access-tokens:manage (min scope to use the Patch PAT API), sp:scopes:all (you can do any API calls using this scope - max scope).
Thanks for redirecting me to this discussion. This seems like a shortcoming if it’s intentional.
I opened idea GOV-I-3838 to allow full admin to modify other users’ PATs. If you know of another existing idea for the same topic, please let me know and I’ll vote that one instead.
I created a “ISC API Tokens” source, and I wanted to have Certifications to review the scope of API tokens/PATs, so say a manager could revoke scopes that a token shouldnt have.
As this is not possible, the Certification is now for the PAT, and manager can revoke the PAT completely.