Does anyone understand why the wfm:schedule:export permission is triggering a 403 Forbidden response when our automated compliance reporting script attempts to pull the last 24 hours of schedule adherence data? We are running a BYOC Edge deployment in the America/Chicago timezone, and the service account used for this integration has been explicitly granted the wfm:schedule:read and wfm:analytics:read roles, yet the /v2/wfm/schedules/exports endpoint consistently rejects the request with {'error_summary': 'Forbidden', 'error_code': 'forbidden_exception', 'details': 'User does not have permission to perform this action.'}. This issue emerged immediately after our security team tightened the RBAC policies to align with new SOC 2 Type II requirements, effectively removing the legacy admin role from all non-human accounts. The script runs every Monday at 06:00 CST to generate the weekly shift swap audit trail, and it was functioning correctly until the permission update went live on Friday. We have verified the OAuth token is valid and has the correct wfm scope, so the authentication layer is not the bottleneck. The problem seems strictly related to the authorization matrix for the specific export action within the Workforce Management module. Is there a hidden dependency on the wfm:management:admin role that is not documented in the standard API reference for schedule exports? Or is there a specific policy attribute we need to enable on the BYOC Edge instance to allow programmatic access to compliance-grade schedule data? We need a resolution by tomorrow morning to ensure our weekly adherence reports are generated on time, as the manual export process is too time-consuming for our volume of shift swaps. Any insights into the required permission hierarchy for this endpoint would be greatly appreciated, as we want to avoid granting broader admin rights just to bypass this specific block.