October 29, 2018

Token does not have the privilege for this request.

Issue:
When requesting an access token using data:read scope, I can successfully get the list of hubs using that token. However, I also need to create a new issue in BIM 360 and that requires a data:write scope. So I'm now requesting an access token using data:write scope, but then the request to get the list of hubs fail - see above image. 

Answer:
When requesting an access token, you have to include all the scopes that the various endpoints you will be calling need. The GET hubs endpoint needs data:read and the POST issues endpoint needs data:write - so you should add both when requesting an access token. The documentation of each endpoint highlights the scopes they need. 
See list of possible scopes: https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/scopes/

I'm quite sure that all of our samples provide multiple scopes when requesting an access token so you can have a look at any of them to see how to do it correctly.
https://github.com/autodesk-forge

 

Related Posts

March 18, 2019

Debug access rights issues from access token

You can run into various issues by trying to access a resource that does not belong to you or by using the wrong scope

Read More

March 7, 2019

3-legged authentication with Postman

We already have an article on using Pos

Read More