Looking for some advice on troubleshooting this 403 Forbidden error when attempting to create a new script via the Scripting API. The initial OAuth exchange succeeds for the primary tenant, but subsequent calls to POST /api/v2/scripts using the multi-org access token return 403 with error_code: "access_denied". This behavior is consistent across all ap-southeast-1 instances for our AppFoundry integration, despite the token possessing the required scripts scope. We are using the Node.js SDK v2.4.1 and have verified the token validity via the introspection endpoint.
you need to check the role permissions on the specific organization. the multi-org token inherits access from the initial grant, but script creation requires explicit admin rights per org. in zendesk, global admin worked everywhere, but gc is stricter. verify the role assignment in the target org settings.