403 on granted scope

Integrations · December 14, 2025, 8:35am

Hi
I updated a working app integration in the OIN Manager and granted the application the scopes ‘okta.domains.read’ & ‘okta.emailDomains.read’.

I created a test app by clicking on “Test in Okta” and executed the following API endpoints and received 403 error:

/api/v1/email-domains
/api/v1/domains

Okta OIN support told me to send an email to developers@okta.com but I’m getting back a message saying the address is not valid.

Will appreciate any help on how to solve the HTTP 403 errors.

All other scopes are working well.

vk-giri · December 15, 2025, 3:43am

Hi,

What is the endpoint that the application is hitting, which results in the 403?

Integrations · December 29, 2025, 3:02pm

These are the API endpoints returning 403:

/api/v1/email-domains
/api/v1/domains

vk-giri · January 5, 2026, 5:59am

What is the Admin role assigned to the application? I would assume anything below Super Admin would throw the 403 error.

system · February 4, 2026, 6:00am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Post		Replies	Views
Authorizing API service app with okta.orgs.read or okta.orgs.manage scope causes error OIN Submissions	0	980	March 25, 2024
403 Forbidden when trying to access api-services endpoint API	4	77	October 27, 2025
403 error code for bearer token generated with correct scope - Okta.NET SDK OAuth/OIDC o4o	6	189	November 15, 2024
Getting 403 error when trying to login - New user API	1	53	August 19, 2024
/users/#{user_id}/factors endpoint returns 403 API	7	1771	August 29, 2023