Running into a weird auth issue with a shared module pattern in .
We’ve got a Common Module flow (Flow ID: cm-shared-validation) that handles complex address verification. Instead of duplicating the logic in five different inbound flows, I’m trying to call it via the API from the main flow using a .
Here’s the code:
var proxy = GetRESTProxy();
var payload = {
"flowId": "cm-shared-validation",
"input": {
"address": {{contact.address}}
}
};
var response = proxy.post("/api/v2/flows/executions", payload);
The weird part is the 403 Forbidden response. The error message says "errorSummary": "Unauthorized".
I checked the token being used in the environment context. It’s valid for the main flow execution. I even tried adding a custom header with a hardcoded Bearer token in the just to test, but that failed too.
Is the REST Proxy in restricted from triggering other flows? Or is there a specific permission scope I’m missing on the application user associated with the runtime?
Tried:
- Checking the Flow ID spelling (triple checked)
- Verifying the user has “Flow Execution” rights
- Logging the token expiry (it’s fresh)
Nothing works. The endpoint /api/v2/flows/executions seems to reject calls coming from within a script context.