Running into a weird auth issue with a simple GET request. I’m trying to list all queues via the API to feed into a dashboard script.
The endpoint is GET /api/v2/routing/queues.
I’ve got an OAuth token generated using client_credentials grant. The client definitely has the routing:queue:read scope attached, along with admin and user:profile:read. I’ve double-checked the token in jwt.io and the scopes look correct.
But when I hit the endpoint, I get a 403 Forbidden. The error payload is super brief:
{
"code": 403,
"message": "Forbidden",
"status": "Forbidden",
"errors": [
{
"message": "User does not have permission to perform this action."
}
]
}
What’s confusing is that if I use the same token to hit /api/v2/users/me, it works fine. I can see my profile. I can even hit /api/v2/routing/users and get a list of users without issue. It’s just the queues endpoint that’s blocking me.
I’ve tried revoking and regenerating the token. I’ve checked the user account associated with the OAuth client in Admin → Users and they have the “Routing Administrator” role.
Am I missing a specific scope that’s required for queue access? Or is there some permission mapping I’m overlooking in the role config?
Here’s the curl command I’m running just to be sure:
curl -X GET "https://api.mypurecloud.com/api/v2/routing/queues" \
-H "Authorization: Bearer <my_token>" \
-H "Accept: application/json"
Any ideas why the 403 is happening here?