Pushed the compliance recording module to client staging org using genesys-cloud-sdk-js@3.61.0. Screen recording endpoint doing jack all. Keeps rejecting the fetch request with 403 Forbidden. Payload structure doesn’t deviate from the docs. OAuth token refresh flow works fine for core routing APIs. Multi-org setup uses separate client secrets for each environment. Recording playback URL generation doesn’t work right after agent session ends. It’s throwing the timeout consistently. Logs show bearer token expires 30 seconds before recording gets finalized. Architect flow triggers webhook on disposition change. Webhook payload arrives but recording status still reads pending. Testing retry interval at 5000ms changes nothing. Storage bucket policy allows cross-origin requests. Console shows CORS errors when frontend tries to load playback iframe. Rate limits aren’t hitting threshold. Client’s on Enterprise plan. Staging org ID ends in 8842. SDK version definitely matches latest release. Endpoint is POST /api/v2/analytics/screenrecordings/query. Response body returns:
{
"code": "forbidden",
"message": "Access denied for recording scope",
"status": 403
}