Question about OAuth2 Token

Ask the Community
1

Hello.

I have a problem or question about token.

  1. I created a third party application and save client_id/client_secret

  2. I request a token via below curl command and received a token. (I specified the scope in curl command)
    curl -X POST -H “Content-Type: application/x-www-form-urlencoded” “https://<>/multipass/api/oauth2/token” -d “scope=api:usage:datasets-write” -d “grant_type=client_credentials” -d “client_id=<<client_id>>” -d “client_secret=<<client_secret>>”

  3. response.
    {“access_token”:“<<token_generated>>”,“scope”:“”,“expires_in”:3600,“token_type”:“bearer”}

  4. I also create another request (upload file) with above token_generated
    curl -X POST -H “Content-type: application/octet-stream” -H “Authorization: Bearer <<token_generated>>” “https://<>/api/v2/datasets/<>/files/a.pdf/upload?transactionType=APPEND” --data-binary @D:/awork/test/a.pdf

  5. But, I received an error that I don’t have permission.
    {“errorCode”:“PERMISSION_DENIED”,“errorName”:“ApiUsageDenied”,“errorInstanceId”:“38de12c0-8dea-48d1-92b9-c74aa3312e78”,“parameters”:{“missingScope”:“api:usage:datasets-write”}}

I specified an scope api:usage:datasets-write when I request a token, but errors are happening with response token.

What’s wrong in my process?

I need your comments.

Thank you

2

Hey !

It seems there is an issue with the scope indeed. Looking at the docs, it seems it is “api:datasets-write” and not “scope=api:usage:datasets-write”.
https://www.palantir.com/docs/foundry/api/v1/datasets-resources/files/upload-file/?productId=foundry&slug=datasets-resources&slug=files&slug=upload-file

Would you mind trying this alternative to see if that helps ?