Getting a 403 Forbidden on the /api/v2/oauth/clients endpoint when trying to pull the full list. The token is valid for admin scopes, but the docs are vague on what’s actually needed to read client details. Trying to write a quick Python script to audit our OAuth clients and check their granted scopes against a baseline, but I can’t even get the initial list. Here’s the snippet:
import requests
import json
token = get_access_token() # Assume this works
headers = {'Authorization': f'Bearer {token}', 'Content-Type': 'application/json'}
response = requests.get(f'{base_url}/api/v2/oauth/clients', headers=headers)
print(response.status_code)
print(response.text)
The response body just says "message":"User does not have the required permissions to perform this operation." I’ve checked the user’s roles and they have oauth:client:read and oauth:client:write. Shouldn’t that be enough? Also, once I get the list, how do I efficiently check the scopes array for each client? The API returns a paginated list, so I need to handle the nextPage token. Is there a better endpoint or a specific SDK method that handles the pagination automatically? I’m using the genesys-cloud-python SDK v1.0.26. The oauth_client_api.list_oauth_clients method seems to return a ApiResponse object, but extracting the actual client list from the body attribute is throwing a KeyError. The structure looks different from what I expected. Maybe I’m missing a query parameter? Any pointers on the correct permission set or a working example of iterating through the results would be appreciated.