Postman query failing with "unauthorized" even though the token is a member of an appropriate group

Question

This will take a while to explain...I have Postman connecting to CDF with a “Client Credentials” token
I can then send queries for simple things like inspecting the token. This is what is returned:
{
"subject": "ce8f2088-da91-4918-a028-372047200451",
"projects": [
{
"projectUrlName": "ra-ftmosaixsandbox",
"groups": [
4341646182160549,
7415122489150445
]
}
],
"capabilities": [
{
"groupsAcl": {
"actions": [
"LIST",
"READ",
"CREATE",
"UPDATE",
"DELETE"
],
"scope": {
"all": {}
}
},
"projectScope": {
"projects": [
"ra-ftmosaixsandbox"
]
}
},
{
"projectsAcl": {
"actions": [
"LIST",
"READ",
"UPDATE"
],
"scope": {
"all": {}
}
},
"projectScope": {
"projects": [
"ra-ftmosaixsandbox"
]
}
}, . . . . .

Note that it is a member of groups 4341646182160549 and 7415122489150445. The first of these is listed below (this is from CDF “Manage Access” page):

4341646182160549

DEV AAD- SWC_DATA_Cognite_Dev_TenantAdmin

groups:listgroups:readgroups:creategroups:updategroups:deleteprojects:listprojects:readprojects:update

It is clear that the token should have the “groups:list” capability.

Yet when I run that query in Postman, this is what I get:
{
"error": {
"code": 403,
"message": "Unauthorized"
}
}

What am I missing? It seems to me that the query should succeed

Thanks
Adrian

icon

Best answer by Adrian Dams 3 February 2023, 06:57

View original

Adrian Dams · Accepted Answer

I found the problem. It was the incorrect {{project}} in the url. Changed it to the correct one and it works correctly

Carin Meems · Answer

Hi @Adrian Dams,Glad to hear you were able to sort this out.Enjoy your weekend!Carin

Postman query failing with "unauthorized" even though the token is a member of an appropriate group

2 replies

Reply

Reply

Sign up

Log in to the community

Scanning file for viruses.

This file cannot be downloaded