Quick question about disconnecting a specific participant from a conference call using the Conversations API. I am sending a POST request to /api/v2/conversations/calls/{conversationId}/participants/{participantId}/disconnect from my SvelteKit server route, but I keep getting a 403 Forbidden response. The JWT token has the conversation:control scope, and the conversation ID is definitely a conference. Why is this endpoint rejecting the request?
The easiest fix here is this is to verify your token actually includes conversation:control:write in the decoded payload, not just read scopes.
A 403 here usually means the JWT lacks write permissions for participant management.
# Verify scope in your token payload
assert "conversation:control:write" in decoded_token.get("scope", "").split()