Change in Okta SDK behavior - 403 Access forbidden

We have been using the SDK for some time now, and just today for one environment/tenant we are receiving an “HTTP 403, Okta E0000006 (You do not have permission to perform the requested action)” every time we try to call client.listPolicies(policyType.toString()).

Does anyone know why this is happening or how to fix it?

How are you currently authorizing the call? Do other requests succeed?

We set the client credentials with a TokenClientCredentials when the client is instantiated.

        client = Clients.builder()
            .setOrgUrl("https://${domain}")
            .setClientCredentials(new TokenClientCredentials("${apiToken}"))
            .build()

We are able to make calls with the client and other requests aren’t failing.

I’ve been able to follow the API token back to the service account on the Okta Admin site, but I’m not sure what to look for in terms of permissions or how to troubleshoot.

OK, our admin gave the service account App admin permissions and that fixed it. The account didn’t use to have this, so we’re not sure what caused the change, but it’s working again!
