Data Action 403 on BYOC trunk group endpoint with valid token

{
  "error": "403 Forbidden",
  "message": "Access denied for resource /api/v2/architect/trunkgroups/ohio-byoc-pool",
  "details": "OAuth scope insufficient or token expired"
}

Trying to wire up a Data Action to auto-flip the Ohio BYOC trunk group priority when Bandwidth goes south. The keepalive logic isn’t catching the UDP drops fast enough. Remember last Tuesday when the backoff broke the prod queue for 4 hours? Trying to avoid that mess. Building a custom health check that hits the trunk group endpoint. Data Action uses genesys.cloud.request with a standard OAuth2 token generated from the integration credentials.

Token has architect:trunkgroups:write scope checked. Verified in the console. Yet the execution log spits out that 403 every single time. Ran the same curl command from my laptop using the exact same token and it returns the JSON payload fine. Weird.

Environment is us-east-1, Architect v2024.3.1. The Data Action is running in the us-east-1 region too. Ohio trunk group ID is hardcoded for now. Failover priority is set to 1 for primary, 2 for secondary Twilio trunk. We’ve got 15 BYOC trunks across regions, this Ohio one is the worst offender. Bandwidth is dropping registrations randomly. Twilio secondary is doing jack all, just sitting there.

Checked the Data Action execution history. Payload looks clean.

{
  "method": "GET",
  "url": "/api/v2/architect/trunkgroups/ohio-byoc-pool",
  "headers": {
    "Authorization": "Bearer <token>",
    "Content-Type": "application/json"
  }
}

Response body is just empty with the 403 status. No hints. Maybe the token is being revoked when the Data Action context switches? Or is there a weird IP allowlist blocking the internal execution engine? Doing jack all to debug this. Logs don’t show anything useful.

Tried switching to a PATCH request to update the priority directly. Same 403. Token is valid for 24 hours, generated fresh. Console shows the integration has full admin rights. Tried adding x-gc-locale header. Nope. Tried appending the org ID to the URL. 404.

Ohio pool is flapping again. Mic stays hot on the primary. Data Action timeout set to 30s.

2024-05-22T14:12:03Z [WARN] DataActionExecution: Request failed with status 403
2024-05-22T14:12:03Z [INFO] TokenRefresh: Token valid until 2024-05-23T14:00:00Z

Token scope dump confirms architect:trunkgroups:write.

Check the scopes on that token. You’ll need routing:trunkgroup:write to modify priority settings. The default data action token usually only has read access.

// Ensure your OAuth token includes this scope
const scopes = ["routing:trunkgroup:write"];

Also verify the token isn’t expired. The error message points directly to scope issues.
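A small triage helper that separates the two causes the error text names, token expiry versus missing scope, using the execution log lines and request payload from the question above. This is an added example, not code from the original post or from Genesys; the required-scope table is an assumption built from this thread (the answer's routing:trunkgroup:write claim for the PATCH, and an assumed read-or-write scope for the GET), not from Genesys documentation, and the log lines are the constructed sample from the question.

```javascript
// Added example (not from the original post or Genesys): decide whether a
// Data Action 403 is explained by token expiry, by a missing scope, or by
// neither (in which case look at org-level access controls instead).

// ASSUMPTION for this example: acceptable scopes per method + path prefix.
// The PATCH entry follows the answer above; the GET entry is a guess.
const REQUIRED_SCOPES = {
  "GET /api/v2/architect/trunkgroups": ["architect:trunkgroups:read", "architect:trunkgroups:write"],
  "PATCH /api/v2/architect/trunkgroups": ["routing:trunkgroup:write"],
};

// Reduce "/api/v2/architect/trunkgroups/<id>" to its collection prefix so the
// lookup does not depend on the hardcoded trunk group id.
function requiredScopes(method, url) {
  const prefix = url.split("?")[0].split("/").slice(0, 5).join("/");
  return REQUIRED_SCOPES[`${method.toUpperCase()} ${prefix}`] || null;
}

// Parse lines shaped like "<iso-ts> [LEVEL] Source: message" from the execution log.
const LOG_RE = /^(\S+) \[(\w+)\] (\w+): (.*)$/;

function parseLog(lines) {
  const events = [];
  for (const line of lines) {
    const m = LOG_RE.exec(line.trim());
    if (!m) continue; // skip anything that is not a structured log line
    const [, ts, level, source, msg] = m;
    const ev = { ts: new Date(ts), level, source, msg };
    const st = /status (\d{3})/.exec(msg);
    if (st) ev.status = Number(st[1]);
    const exp = /valid until (\S+)/.exec(msg);
    if (exp) ev.validUntil = new Date(exp[1]);
    events.push(ev);
  }
  return events;
}

// Classify the failure. Expiry is checked first because an expired token makes
// the scope question moot; only then is the granted scope list consulted.
function triage403(request, grantedScopes, events) {
  const failure = events.find((e) => e.status === 403);
  if (!failure) return { verdict: "no-403" };

  const expEvent = events.find((e) => e.validUntil);
  const expiry = expEvent ? expEvent.validUntil : null;
  if (expiry && failure.ts >= expiry) {
    return { verdict: "token-expired", failedAt: failure.ts, validUntil: expiry };
  }

  const need = requiredScopes(request.method, request.url);
  if (!need) return { verdict: "unknown-endpoint", request: `${request.method} ${request.url}` };

  const satisfied = need.some((s) => grantedScopes.includes(s));
  if (!satisfied) return { verdict: "missing-scope", required: need, granted: grantedScopes };

  // Token is unexpired and carries an acceptable scope: the 403 is coming from
  // somewhere else (org permissions, IP allowlist, wrong org), not from OAuth.
  return { verdict: "scope-ok-check-acl", required: need, granted: grantedScopes };
}

// Constructed sample data taken from the question.
const SAMPLE_LOG = [
  "2024-05-22T14:12:03Z [WARN] DataActionExecution: Request failed with status 403",
  "2024-05-22T14:12:03Z [INFO] TokenRefresh: Token valid until 2024-05-23T14:00:00Z",
];
const GRANTED = ["architect:trunkgroups:write"];
const GET_REQ = { method: "GET", url: "/api/v2/architect/trunkgroups/ohio-byoc-pool" };
const PATCH_REQ = { method: "PATCH", url: "/api/v2/architect/trunkgroups/ohio-byoc-pool" };

function runSample() {
  const events = parseLog(SAMPLE_LOG);
  return {
    get: triage403(GET_REQ, GRANTED, events),
    patch: triage403(PATCH_REQ, GRANTED, events),
  };
}

console.log(JSON.stringify(runSample(), null, 2));
```

With the thread's data the GET call comes back as "scope-ok-check-acl" (the token is unexpired and the assumed table accepts the write scope), while the PATCH comes back as "missing-scope" because routing:trunkgroup:write is not in the granted list, which is the answer's point. Swap in the scope list from your own token dump and the request from your own execution history to get a verdict for your case.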