FORBIDDEN error when querying list invoices

frost123frost123 Member Posts: 2

I am getting this error when trying to list invoices.
{"errors":[{"extensions":{"code":"FORBIDDEN","id":"edeed03b-7db9-4a6b-b6db-59145da6b44a"},"message":"Action not authorized.","locations":[{"line":1,"column":50}],"path":["business"]}],"data":{"business":null}}

What could be the problem?

Comments

  • AngelaCAngelaC Member Posts: 12 admin

    Hi @frost123 ,

    Typically this happens when the OAuth token you're making the request with doesn't have the appropriate scopes attached to it. To query for a list of invoices, you would likely need the invoice:read scope.

    You can read more about the OAuth flow here.

    Hope that helps!
    Angela

  • frost123frost123 Member Posts: 2

    Hi @AngelaC ,

    I am using the scope invoice:* . I have also tried invoice:read scope. It still does not work.

  • KieronBKieronB Member Posts: 13 admin

    Hi @frost123 ,

    Depending on the query, you may need some additional scopes. For example, the example List Invoices query in the Wave API documentation contains a number of fields that can't be accessed with only the invoice:* scope.

    For the example query to be executed, the token should have the invoice:read, business:read, account:read, product:read, sales_tax:read, and customer:read scopes, because the query requests each of those different types. The API Playground can be very helpful, here. You can test your query in the API Playground, and the error message (if any) will point to the portion of the query which is the source of the access error. (This is also true for any query, whether using the Playground or not, but the visual nature of the Playground can make this task easier)

    edited October 28, 2021
Sign In or Register to comment.