API Error: 403 Forbidden > Insufficient Privileges

Hello,

I’m working with a customer who receives the following error for the endpoint listed below. Can you please explain what privileges they are missing & how to add them? For troubleshooting, I attempted to recreate the issue by signing up for a free trial, however I was able to successfully hit this endpoint without any issues.

url: https://sonarcloud.io/api/permissions/users?organization=oncorps&p=1&ps=100

error:
HTTP Error Response: 403 Forbidden
{“errors”:[{“msg”:“Insufficient privileges”}]}

Thanks,
Mike

Hi Mike,

Welcome to the community!

In what context does he receive this error?

 
Ann

The customer receives this error when attempting to make a call to the url I provided, using the token and org key.

Hi,

So the user is manually calling the URL, then?

So I suppose we can only go by the error message itself: the token he’s providing doesn’t have sufficient permissions. You might work with him to make sure the user account generating the token is configured properly and that the token value hasn’t been munged.

 
HTH,
Ann

Hi Ann,

How do you update the permissions for the token? I saw no option to do this in the UI. Additionally, the person generating the token is an Admin - nobody else in their org has higher permissions than they do.

Thanks,
Mike

Hi Mike,

Tokens can’t be updated. I suggest you generate a new one to make sure the value hasn’t been messed up.

Alternately, I suggest trying the operation via the UI.

 
HTH,
Ann

We have tried generating new tokens. Can we arrange for a call to step through this? I think that will be more efficient.

Hi,

Have you tried this via the UI? The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.

You may also find this guide helpful.

 
HTH,
Ann

No we haven’t tried in the UI.

https://sonarcloud.io/web_api/api/users?deprecated=false

I don’t see a way to pass in org key and token in this page.

Hi,

You should check out the guide I linked.

 
Ann