Why am I getting "403 Forbidden" error when accessing Constituent endpoint?

Wayne Lopez
Wayne Lopez
Name Dropper Facilitator 1
in Blackbaud Raiser's Edge NXT® APIs

I can GET constituent information via the Constituent endpoint just fine, but when I make a POST to create a new constituent, I am getting a “403 Forbidden” error. I assume it has something to do with permissions but I have read, write, and delete permissions in my scope so I'm not sure what's causing it.

Comments

  • Chris Rodgers
    Chris Rodgers Blackbaud Employee
    Ninth Anniversary Kudos 2 Name Dropper Participant

    Hey @Wayne Lopez, it appears that your application is accessing the SKY Developer Cohort environment, authorized by your user account. When you received your invitation to the SKY Developer Cohort, you should have received an email explaining that your account was invited with Read-Only access to this environment. You can follow up with the SKY API inbox to request Write access in this environment.

    Keep in mind--While application scopes can be used to limit the access that an application has, the users' permissions also dictate the data that the user of your application can access. Your application cannot access data the the authorizing user wouldn't have access to. More on this: https://developer.blackbaud.com/skyapi/docs/security#authorization

Categories