API Error: 403 Forbidden > Insufficient Privileges

mkramer789 · October 21, 2024, 3:42pm

Hello,

I’m working with a customer who receives the following error for the endpoint listed below. Can you please explain what privileges they are missing & how to add them? For troubleshooting, I attempted to recreate the issue by signing up for a free trial, however I was able to successfully hit this endpoint without any issues.

url: https://sonarcloud.io/api/permissions/users?organization=oncorps&p=1&ps=100

error:
HTTP Error Response: 403 Forbidden
{“errors”:[{“msg”:“Insufficient privileges”}]}

Thanks,
Mike

ganncamp · October 22, 2024, 3:12pm

Hi Mike,

Welcome to the community!

In what context does he receive this error?

Ann

mkramer789 · October 23, 2024, 1:57pm

The customer receives this error when attempting to make a call to the url I provided, using the token and org key.

ganncamp · October 23, 2024, 3:51pm

Hi,

So the user is manually calling the URL, then?

So I suppose we can only go by the error message itself: the token he’s providing doesn’t have sufficient permissions. You might work with him to make sure the user account generating the token is configured properly and that the token value hasn’t been munged.

HTH,
Ann

mkramer789 · October 23, 2024, 5:40pm

Hi Ann,

How do you update the permissions for the token? I saw no option to do this in the UI. Additionally, the person generating the token is an Admin - nobody else in their org has higher permissions than they do.

Thanks,
Mike

ganncamp · October 23, 2024, 5:53pm

Hi Mike,

Tokens can’t be updated. I suggest you generate a new one to make sure the value hasn’t been messed up.

Alternately, I suggest trying the operation via the UI.

HTH,
Ann

mkramer789 · October 23, 2024, 5:57pm

We have tried generating new tokens. Can we arrange for a call to step through this? I think that will be more efficient.

ganncamp · October 23, 2024, 6:13pm

Hi,

Have you tried this via the UI? The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.

You may also find this guide helpful.

HTH,
Ann

mkramer789 · October 23, 2024, 6:16pm

No we haven’t tried in the UI.

https://sonarcloud.io/web_api/api/users?deprecated=false

I don’t see a way to pass in org key and token in this page.

ganncamp · October 24, 2024, 11:59am

Hi,

You should check out the guide I linked.

Ann

Topic		Replies	Views
403 Forbidden - Insufficient privileges when calling the api/users/create endpoint SonarQube Cloud web_api	4	2087	June 4, 2019
403 Insufficient privileges calling api/project_analyses/search SonarQube Cloud web_api	2	4902	October 26, 2018
HTTP 403 when accessing /api/projects/search but other endpoint works like components SonarQube Cloud	3	533	February 27, 2020
Sonarcloud Web API - Insufficient privileges SonarQube Cloud web_api , sonarqube-cloud	3	2304	August 3, 2020
API REST "Insufficient privileges" on the /applications/* endpoint SonarQube Server / Community Build	2	715	January 10, 2023

API Error: 403 Forbidden > Insufficient Privileges

Related topics