-
I’ve spent hours trying to figure out why my Python FastAPI proxy is consistently receiving a 403 Forbidden error when attempting to trigger an outbound call using the CXone Personal Connection API, despite having valid OAuth tokens.
-
Here is the relevant httpx async client configuration and request payload I am using to invoke the endpoint:
async def trigger_personal_call(token: str, contact_id: str):
url = "https://api.nice-incontact.com/uxapi/v1/personal-connections/outbound"
headers = {"Authorization": f"Bearer {token}", "Content-Type": "application/json"}
payload = {
"contactId": contact_id,
"phoneNumber": "+15550199",
"type": "voice"
}
async with httpx.AsyncClient() as client:
response = await client.post(url, headers=headers, json=payload)
return response.status_code
-
The error response body indicates “Insufficient permissions for the requested action,” which is puzzling because the same token successfully queries user profiles via the standard REST API.
-
I have verified that the application scope includes
cxone:personal-connections:writeand that the impersonated user has the necessary role permissions in the CXone admin console. -
Is there a specific header or sub-scope required for the Personal Connection endpoints that is not documented in the standard OpenAPI spec, or am I missing a prerequisite configuration step in the code?