Expand my Community achievements bar.

SOLVED

Adobe Analytics v2.0 - OAuth2.0 Integration - Profile Not Valid Error (403025)

Avatar

Level 1

We have successfully created OAuth 2.0 project type and were able to retrieve an OAuth2.0 access token using below approaches

 

 

Using all the three approaches, we are able to get back OAuth 2.0 access token.

 

However, when using any of the above token to call adobe analytics v2.0 REST api, we encounter 403025 Profile Not Valid Error. We have tried making the API request from React JS code and POSTMAN/curl resulting in same error.

 

Pasting a sample request that’s failing with headers -

 

 

$ curl --request POST 'https://analytics.adobe.io/api/reports' \

> --header 'Content-Type: application/json' \

> --header 'x-api-key: <<CLIENT ID>> \

> --header 'x-proxy-global-company-id: <<GLOBAL COMPANY ID>>' \

> --header 'Authorization: Bearer <<ACCESS TOKEN>>' \

> --data-raw '{ <<POST BODY>> }'

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100  3056    0    58  100  2998     49   2568  0:00:01  0:00:01 --:--:--  2618

{"error_code":"403025", "message":"Profile is not valid"}

 

Can you please guide us on what could be the possible reasons for receiving above error and possible remediation?

1 Accepted Solution

Avatar

Correct answer by
Employee

Hi @user01447 

Ideally, this error message displays when the user or Adobe I/O integration (identified by the access token in the Authorization header) is not entitled to make calls to Experience Platform APIs for the IMS Org provided in the x-gw-ims-org-id header.
Can you please also ensure that your Global company ID is correct?

To find your Global Company ID, please follow the steps mentioned on the following page: https://www.adobe.io/apis/experiencecloud/analytics/docs.html#!AdobeDocs/analytics-2.0-apis/master/o...

You can also utilize the cURL request through Swagger UI, described in the above link and try it out in Postman.

Hope this helps.

View solution in original post

6 Replies

Avatar

Correct answer by
Employee

Hi @user01447 

Ideally, this error message displays when the user or Adobe I/O integration (identified by the access token in the Authorization header) is not entitled to make calls to Experience Platform APIs for the IMS Org provided in the x-gw-ims-org-id header.
Can you please also ensure that your Global company ID is correct?

To find your Global Company ID, please follow the steps mentioned on the following page: https://www.adobe.io/apis/experiencecloud/analytics/docs.html#!AdobeDocs/analytics-2.0-apis/master/o...

You can also utilize the cURL request through Swagger UI, described in the above link and try it out in Postman.

Hope this helps.

Avatar

Level 1

We are providing correct values for Global Company ID and IMS Org ID for headers x-proxy-global-company-id and  x-gw-ims-org-id respectively.

What specific permission / entitlement setting I should be looking for in admin console?

I have been give "Product administrator" access to my adobe account by my company

Avatar

Employee

Hi @user01447 

For testing purposes, you can create a product profile in admin console, assign it all the permissions and add yourself in the product profile. Then you can create a Project in Developer console and add the product profile in it. Once this is done, can you please check and see if you are still getting the same error when you fire API requests?

Avatar

Level 1

Hi @Saurav_Raj 

 

We have created product profile and assigned all permissions to it (reports suites, dimensions, metrics and rest). We also created oauth project from developer console Create New Project - >Add an API -> Add autentication Method.

 

I think what I may be missing is linking product profile and oauth project? From where these two can be linked?

Avatar

Level 1

Turned out, we had some unwanted spaces (%20) characters in authorization URL which was causing Adobe’s IdP implementation to return authorization code ignoring the scope we requested for, ending up in 403025 later.

 

Getting rid of spaces in authorization URL fixed the issue for us.