We have set scope "manage:surveys" and "read:surveys" to our Client ID through web interface. After this we generated the Bearer Token from API "https://iad1.qualtrics.com/oauth2/token" and used the generated token in get-list of surveys API call "https://iad1.qualtrics.com/API/v3/surveys", we are getting below error:
"httpStatus": "403 - Forbidden",
"error": {
"errorMessage": "insufficient_scope",
"errorCode": "AUTH_13.0"
}
We are getting the same error for all API calls related to surveys.
Getting error "insufficient_scope" in API call
Best answer by racod
I ran into this same issue and contacted the Qualtrics API team about it. MRk was on the right track but I for one couldn't quite translate his ietf.org link into a solution for myself.
You need to include the desired scope when requesting the Bearer Token. (Make sure your account has the permissions for it on the Qualtrics side.) Here is my example code in Python that is now working correctly without producing the 403 - Forbidden error:
base_url = "https://{0}.qualtrics.com/oauth2/token".format(DATACENTER_ID)
data = { "grant_type": "client_credentials", "scope": "manage:users" }
r = requests.post(base_url, auth=(CLIENT_ID, CLIENT_SECRET), data=data)
If you need to define multiple scopes, the support tech said to separate them with spaces. E.g. data = { "grant_type": "client_credentials", "scope": "read:users read:activity_logs read:directory_contacts" }
I asked the Qualtrics API team to update their API documentation to clarify this point because they make no mention of it currently.
I hope this helps someone.
Leave a Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.