By Adam Nagy
One thing that sometimes people miss is that the scope needs to be set as a single string with the scope values separated by space - instead of as a list of values.
If you do the following then it will succeed, but the scope values will be ignored:
curl \ -v "https://developer.api.autodesk.com/authentication/v1/authenticate" \ -X "POST" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "client_id=<client id>&client_secret=<client secret>&grant_type=client_credentials&scope(0)=bucket:create&scope(1)=bucket:read&scope(2)=data:write"
After this if you try to do something like this:
curl \ -v "https://developer.api.autodesk.com/oss/v2/buckets" \ -X "POST" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer <token>" \ -d "{\"bucketKey\":\"mynewbucket\",\"policyKey\":\"transient\"}"
Then you will get a reply like this:
Token scope not set. This request does not have the required privilege.
But if you set the required scopes the correct way in a single string then all will be fine. You just have to URL encode the space characters to %20:
curl \ -v "https://developer.api.autodesk.com/authentication/v1/authenticate" \ -X "POST" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "client_id=<client id>&client_secret=<client secret>&grant_type=client_credentials&scope=bucket:create%20bucket:read%20data:write"
Comments
You can follow this conversation by subscribing to the comment feed for this post.