Insufficient Scope Error

sanaa.khan · December 7, 2020, 4:46am

I started seeing this today, while everything was working fine about 2 weeks back.

I’m receiving the below error when trying to run a query using API Explorer.

{
  "errors": [
    {
      "code": "INSUFFICIENT_SCOPES",
      "detail": "The merchant has not given your application sufficient permissions to do that. The merchant must authorize your application for the following scopes: [ORDERS_READ]",
      "category": "AUTHENTICATION_ERROR"
    }
  ]
}

sjosey · December 7, 2020, 5:45pm

Can you share your application id? What endpoint are you hitting when you receive this error?

sanaa.khan · December 7, 2020, 9:03pm

App Id: sq0idp-LXyFOXjv_dK-4GfvXPdVQQ

Orders - Batch Retrieve

sanaa.khan · December 7, 2020, 10:30pm

And when I try to access using the API through my code, I’m able to access the Payments, when I try to read the Order using BatchRetrieve Request, I get a message, “Waiting for activation”

sjosey · December 7, 2020, 11:04pm

I’m not seeing any order endpoints being hit with that application id. I only see ListPayments being called and a very small amount of ListEmployees. Is it through a different application?

sanaa.khan · December 7, 2020, 11:55pm

Oops. I don’t think so. I’m calling the ListPayments from the same program and App Id.

sjosey · December 8, 2020, 4:58pm

I’m still not seeing any, hmmm. Is this for a specific location_id or merchant_id? I can try searching for one of those instead.

sanaa.khan · December 8, 2020, 5:34pm

I think we just have one Location Id and Merchant Id. Silly question but how can I know if we have any other Merchant Id?

UPDATES:

Is there anything I can try that would help debug this problem? We have to get all our payments into our main system by 12/28/2020. I’m running out of time!
I updated the API Version recently. but that was also in attempt to solve this issue. Stating here in case that helps
Im using C#.net to make the API requests. I updated the library today.
This is the exception Im getting ApiException: HTTP Response Not OK

sjosey · December 9, 2020, 5:16pm

Apologies for the confusion here, I didn’t realize these errors do not log the application id. I was able to find it using your location id tied to your application. So, looking your access tokens up, I see you’ve created several, I’m guessing through OAuth. Several of them only have PAYMENTS_READ permission, so this error is accurate: you need ORDERS_READ permission. If you are using OAuth, you need to be sure to include all of the scopes in the OAuth authorization URL.

sanaa.khan · December 9, 2020, 7:10pm

No problem. I apologize for getting a little impatient as well.

I just refreshed a token using API Explorer adding Payments_read and Orders_Read scopes. But Im still getting the same error.

sjosey · December 9, 2020, 7:25pm

That will not work, you cannot add scopes via the API. You must go through the OAuth authorization url again. Refreshing the token will generate a new token with the same permissions. If you passed the scopes parameter, that’s only for reducing the scopes, not adding new scopes.

sanaa.khan · December 9, 2020, 8:34pm

That was it! Thank you so much Stephen! I really appreciate your help.