We are trying to restrict an OAuth client to specific divisions for our BPO tenants. The goal is to have one backend service that manages queues without seeing other tenants’ data. I am using the Genesys Cloud Admin SDK to create the client. I passed a list of division IDs in the request body. The API returns a 400 Bad Request. The error message says “Invalid input.” I checked the division IDs. They are valid. I can see them in the UI. I tried passing the division URI instead of the ID. Same error. I tried passing a single division. Same error. I am using the latest version of the Python SDK. Here is the code snippet. It looks correct. I am not sure what is wrong. Is there a specific format for the division array? I have tried strings and objects. Nothing works. I am stuck.
from genesyscloud.auth import get_auth_client
from genesyscloud.platform_client import PlatformClient
auth_client = get_auth_client()
token = auth_client.get_oauth_token()
client = PlatformClient(token)
new_client = {
"name": "BPO Integration Client",
"grant_type": "client_credentials",
"scopes": ["view::queue", "read:queue"],
"redirect_uris": ["https://myapp.com/callback"],
"divisions": ["division-id-123", "division-id-456"]
}
result, response = client.auth.oauth_client_create(new_client)
print(result)
The error is generic. It does not tell me which field is bad. I have checked the API docs. They say divisions is an array of strings. That is what I am passing. Why is it failing? I need this to work for the multi-tenant setup. Any help is appreciated. I am going to try the raw API next if this doesn’t work. But I want to use the SDK. It is easier. Thanks.