Insufficient_scopes

Questions
1

We’re unable to give our developers a full list of permissions. Despite numerous attempts.

The list of permissions we wish to provide are:

  1. ITEMS_READ
  2. MERCHANT_PROFILE_READ
  3. INVENTORY_READ
  4. EMPLOYEES_READ
  5. PAYMENTS_READ
  6. INVOICES_READ
  7. ORDERS_READ
  8. CUSTOMERS_READ

We do this via the OAuth URL:
https://connect.squareup.com/oauth2/authorize?client_id=< our client id > &sscope=ORDERS_READ+INVOICES_READ+INVENTORY_READ+MERCHANT_PROFILE_READ+ITEMS_READ+EMPLOYEES_READ+PAYMENTS_READ+CUSTOMERS_READ&redirect_uri=https://www.serenaandlily.com

But when the developer retrieves the status of the current token using the code returned:
https://connect.squareup.com/oauth2/token/status

We only see these permissions provided
“scopes”: [
“BANK_ACCOUNTS_READ”,
“MERCHANT_PROFILE_READ”,
“PAYMENTS_READ”,
“SETTLEMENTS_READ”
]

Even when we try to create a code with JUST ITEMS_READ permission, it refuses. We’re stumped. What are we doing wrong?

2

Hey @paul.hemmings :wave: Are you able to share your application ID and the Merchant ID that you’re attempting to authorize?

3

Hi Josh. The application ID is: sq0idp-vsKxhLuLEJCNa6qZL_VlZA

4

Hey @paul.hemmings! It looks like you’ve got an extra “s” in your scopes query parameter. If you update it to scope, are you able to get the correct permissions?

5

That worked. Thanks for spotting that. Apparently no one here did.

6

Awesome, happy to hear that! I’ve made that mistake myself before too. Feel free to reach back out if anything else comes up :slight_smile: