Encountering a 403 Forbidden response when attempting to transfer an active IVR session to a specific queue using the Platform API endpoint POST /api/v2/flexible-engagement/sessions/{sessionId}/transfer. The request originates from our Premium AppFoundry integration, which handles high-volume routing logic before handing off to Genesys Cloud. The OAuth token possesses the flexible-engagement:write scope, and the target queue ID is verified as active and accessible within the tenant. However, the response body indicates a permission mismatch despite the app having administrative privileges in the organization.
The integration manages multi-tenant contexts, and this issue persists across different tenant environments, suggesting it is not isolated to a single configuration error. We have validated the session ID exists and is in an ‘active’ state prior to the transfer attempt.
- Confirmed the OAuth client has the necessary
flexible-engagement:writeandrouting:writescopes, and the token is refreshed immediately before the request. - Verified the target queue is enabled and has agents logged in, ruling out capacity issues as the cause for the rejection.
Any insights into specific permission requirements for IVR session transfers via API versus standard Architect flow behavior would be appreciated.