Getting InsufficientScope

Hi support team,

We are getting the fault name "Insufficient Scope" in the pre flow when calling the actual API after generating the access token.

Could you please let us know why this error is happening? We are using the SaaS platform.

We have created a new app and updated the consumer secret key as per the client's requirement. We have not updated the consumer ID; it is the same as what Edge generated after creating the app. Does updating the app's consumer secret key cause this issue? If not, what would be the reason for this issue?

 

error message logs:

 
environment Name"prod"
error Code"403"
error Message"Required scope(s): SEC-OAV2-Post-VerifyAccessToken.scopeSet"
error Reason"Forbidden"
error State"PROXY_REQ_FLOW"
error Title"null"
fault Name"Insufficient Scope"
flow"Pre Flow"
 
"developer App":"*********", "environment Name": "prod", "errorCode":"403", "error Message": "Required scope(s): SEC-OAV2-Post-VerifyAccessToken.scopeSet", "error Reason": "Forbidden", "error State": "PROXY_REQ_FLOW", "error Title": "null", "fault Name":" Insufficient Scope", "flow": "Pre Flow",
 
Thank you,
M Kumari.
1 ACCEPTED SOLUTION

"Insufficient scope" suggests that the token itself, when it was generated, was generated with an insufficient scope. 

At the time of VerifyAccessToken, there is something in the policy that is stipulating the scope that must be present on the token.  If the token was generated without that scope, then VerifyAccessToken fails with "insufficient scope". 

The fix for this is to generate the token with the appropriate scope. 

The rotation of credentials should not affect the scope directly. It may be coincidental that you rotated credentials and then saw the scope problem. Or, it could be somewhat directly related, depending on how you generate tokens. 

Not sure this is helpful.

Yes, in my case the issue was resolved by adding the create scope in the Product.
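
The scope check discussed in this thread, as an added example that is not part of the original posts and is not Apigee's own code. It is a simplified model that assumes a token can only carry scopes defined on the API products attached to the app, and that verification passes when the token holds at least one required scope; all function names and sample scopes are hypothetical.

```python
# Simplified model (assumption, not Apigee's implementation):
#  - tokens are granted only scopes defined on the app's API products
#  - the verify step passes if the token has at least one required scope

def grant_scopes(product_scopes, requested=None):
    """Scopes placed on the token when it is generated."""
    allowed = set().union(*product_scopes)   # union over all products on the app
    if not requested:                        # no scope requested: grant all allowed
        return allowed
    return allowed & set(requested.split())  # otherwise only recognised ones

def verify(token_scopes, required):
    """Return (ok, fault); the fault dict is a constructed stand-in."""
    required_set = set(required.split())
    if not required_set or token_scopes & required_set:
        return True, None
    return False, {"code": 403, "fault": "InsufficientScope",
                   "message": "Required scope(s): " + required}

def diagnose(product_scopes, requested, required):
    """Say where the fix belongs: the product definition or the token request."""
    token = grant_scopes(product_scopes, requested)
    ok, _ = verify(token, required)
    if ok:
        return "ok"
    allowed = set().union(*product_scopes)
    if not allowed & set(required.split()):
        return "product: add a required scope to an API product on the app"
    return "request: ask for a required scope when generating the token"

if __name__ == "__main__":
    # Constructed sample data: the product lacks the scope the proxy requires.
    before = [{"read"}]
    print(verify(grant_scopes(before), "create"))
    print(diagnose(before, None, "create"))
    # After adding the scope to the product, a newly generated token passes.
    after = [{"read", "create"}]
    print(verify(grant_scopes(after), "create"))
```

In this model a token issued before the product change keeps its old scopes, so a new token has to be generated after the scope is added.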