API account creation, lookup returns 403 Forbidden
I've been experimenting with the retrieval of BDS data sets via Postman using some of the Brightspace collections and have been successful at that. However, I've now started trying to provision users via API calls, and my calls always return a 403 Forbidden, even when trying to look up a user. My auth and refresh tokens, as well as my oauth2scope, are being drawn from the same environment in Postman, and other calls to the API using these are working fine. I think I have given my defined managed application in Brightspace appropriate permissions (core:*:* users:*:*, amongst some others which are broader than required), and I am passing the same set of permissions in my oauth2scope. In my user creation call, I'm passing a structure similar to the following, which is pulled directly from the Postman collection:
{ "OrgDefinedId": "someemail@gmail.com", "FirstName": "Somefirstname", "MiddleName": "", "LastName": "Somelastname", "ExternalEmail": "someemail@gmail.com", "UserName": "someemail@gmail.com", "RoleId": 110, "IsActive": true, "SendCreationEmail": true}
I'm unsure where my mistake is, though I have to think my scope/permissions are incorrect somehow; I just can't see it. Can someone provide guidance here on where I should start looking? Thanks in advance.
Answers
-
Hello @Andy.R.9906 Thank you for your question.
Could you please open a support case for this? 403 Forbidden normally appears if some permission or configuration is incorrect.
We would have to take a look at your role and check if the permissions are in place.
Thanks,
Daiana
-
Can do, but my user account also currently has the superadmin role, so I figured that would be sufficient, given my other readings on the matter. Thanks.
