Token does not have the privilege for this request.

October 29, 2018

Issue:
When requesting an access token using data:read scope, I can successfully get the list of hubs using that token. However, I also need to create a new issue in BIM 360 and that requires a data:write scope. So I'm now requesting an access token using data:write scope, but then the request to get the list of hubs fail - see above image. 

Answer:
When requesting an access token, you have to include all the scopes that the various endpoints you will be calling need. The GET hubs endpoint needs data:read and the POST issues endpoint needs data:write - so you should add both when requesting an access token. The documentation of each endpoint highlights the scopes they need. 
See list of possible scopes: https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/scopes/

I'm quite sure that all of our samples provide multiple scopes when requesting an access token so you can have a look at any of them to see how to do it correctly.
https://github.com/autodesk-forge