Expand my Community achievements bar.

Webinar: Adobe Customer Journey Analytics Product Innovations: A Quarterly Overview. Come learn for the Adobe Analytics Product team who will be covering AJO reporting, Graph-based Stitching, guided analysis for CJA, and more!

Are Adobe Analytics API oAuth scopes no longer required?

Avatar

Level 1

Hello,

So we provide a reporting solution, and for a while now we have used an authorization code flow (https://marketing.adobe.com/developer/documentation/authentication-1/auth-web-server-1) so that we can retrieve reporting data from user's Adobe Analytics account on behalf of the user. We use a scopes mentioned in https://marketing.adobe.com/developer/documentation/authentication-1/auth-scope-1#concept_A508306A83....

However, it seems like every recent authorization request is coming back with the error:

"The specified client does not have permission to use the requested scope".

Current scopes reflect the documentation. If I should remove the scope parameter entirely, I'm prompted to give access to make API requests on behalf of the user. Now sufficient privileges are granted to access the account, but if I should try this a second time with the same account, I will get a significantly short access token that will not work - all requests with it return an error "The access token provided is invalid". The token looks a bit similar to the token in the example of client credentials grant (https://marketing.adobe.com/developer/documentation/authentication-1/auth-client-credentials-1).

In both cases I receive the same refresh token so I can use the token refreshing service to get a working access token, so there is a workaround for now. However, this and the requirement to drop scope definitions makes me think something is wrong either with the service or the documentation.

Thank you for reading this far. Any information would be greatly appreciated.

3 Replies

Avatar

Level 1

We have this same issue. The breadth of customers we support today (and all those looking to oauth now) are impacted. Any direction on this topic would be helpful.

Avatar

Employee

Can you post a sample of the requests you are making? Scopes should still be used as listed in the doc you mentioned.