Change user's login api returns 403
Hello,
I am trying to change a user's login email address. Sometimes this API works for me, sometimes it doesnt and I am not sure why. I do not have access problems with the other APIs, only this one: https://docs.box.com/reference#changing-a-users-primary-login
GET https://api.box.com/2.0/users/removed for privacy/email_aliases
{
"total_count": 1,
"entries": [
{
"type": "email_alias",
"id": "5203057",
"is_confirmed": true,
"email": "***@example.com"
}]}
PUT https://api.box.com/2.0/users/removed for privacy
{"login": "***@example.com"}
response:
{
"type": "error",
"status": 403,
"code": "access_denied_insufficient_permissions",
"help_url": "http://developers.box.com/docs/#errors",
"message": "Access denied - insufficient permission",
"request_id": "removed for privacy5797dec1d1eb3"
}
-
A possilibity will be that access token was generated by a co-admin who has not enough permission to change user's property.. basically the API executer should be an admin or co-admin but if the co-admin doesn't have the permissions like "manage users" or " edit settings for your company" etc it should return a 403 forbidden error..to clarify the cause try to run same API with access token which genereated by real admin users..
Please sign in to leave a comment.
Comments
7 comments