Configuration is broken for some reason. I am trying to programmatically start a cobrowse session via the Conversations API.
I send a POST to /api/v2/conversations with the cobrowse type and valid participant details. The response is consistently 403 Forbidden.
Here is the payload snippet: {"type": "cobrowse", "to": [{"id": "agent_id"}]}. Why is the API rejecting this request?
You should probably look at at the OAuth scopes for your service account. The conversation:cobrowse scope is mandatory for initiation. Also, ensure the user has the cobrowse:manage permission in their profile. Here is the Python SDK check: client.auth_api.get_auth_user_info() to verify scopes. Missing scopes cause 403s.
The best way to fix this is to verify that your platformClient instance is explicitly configured with the conversation:cobrowse:write OAuth scope, as the generic conversation:cobrowse read scope is insufficient for initiation. In Kotlin, when initializing the PureCloudPlatformClientV2, ensure the OAuthClientConfiguration includes the write scope. The 403 often stems from the service account lacking the specific permission set rather than just the scope. You must also confirm that the to participant object includes the correct type field, which should be PERSON for agents or GROUP for skills-based routing, otherwise the backend rejects the payload structure before permission checks. Here is the corrected Kotlin setup for the client and the payload structure:
val config = OAuthClientConfiguration(
clientId = "your_client_id",
clientSecret = "your_secret",
scopes = listOf("conversation:cobrowse:write", "cobrowse:manage")
)
val client = PureCloudPlatformClientV2(config)
// Payload structure
val cobrowseRequest = CobrowseConversationRequest(
type = "cobrowse",
to = listOf(Participant(id = "agent_id", type = "PERSON"))
)
client.conversationsApi.postConversations(cobrowseRequest)
I encountered similar 403s when the cobrowse:manage permission was missing from the user profile assigned to the service account. Check the user’s permissions in Admin > Users > [User] > Permissions. If the scope is correct but the permission is missing, the API will return 403. Also, ensure the agent is available and not in a status that prohibits cobrowsing, such as “Offline”. This methodical debugging approach isolates scope, permission, and participant state issues efficiently.