Are Adobe Analytics API oAuth scopes no longer required?




So we provide a reporting solution, and for a while now we have used an authorization code flow (https://marketing.adobe.com/developer/documentation/authentication-1/auth-web-server-1) so that we can retrieve reporting data from user's Adobe Analytics account on behalf of the user. We use a scopes mentioned in https://marketing.adobe.com/developer/documentation/authentication-1/auth-scope-1#concept_A508306A83....

However, it seems like every recent authorization request is coming back with the error:

"The specified client does not have permission to use the requested scope".

Current scopes reflect the documentation. If I should remove the scope parameter entirely, I'm prompted to give access to make API requests on behalf of the user. Now sufficient privileges are granted to access the account, but if I should try this a second time with the same account, I will get a significantly short access token that will not work - all requests with it return an error "The access token provided is invalid". The token looks a bit similar to the token in the example of client credentials grant (https://marketing.adobe.com/developer/documentation/authentication-1/auth-client-credentials-1).

In both cases I receive the same refresh token so I can use the token refreshing service to get a working access token, so there is a workaround for now. However, this and the requirement to drop scope definitions makes me think something is wrong either with the service or the documentation.

Thank you for reading this far. Any information would be greatly appreciated.





We have this same issue. The breadth of customers we support today (and all those looking to oauth now) are impacted. Any direction on this topic would be helpful.





Can you post a sample of the requests you are making? Scopes should still be used as listed in the doc you mentioned.