Steps to Reproduce: 

1. Create an Object:
   1. Classic UI -> Administration -> Studio -> Objects -> Click on New
   2. Object Name of your choosing
   3. Object ID of your choosing
   4. Master Object
   5. Object Extension = Investment Extension
2. Create an API Key:
   1. Modern UX -> Profile Icon -> API Keys -> Create a new API Key
   2. Access Type = All Access
3. Create an instance of the object from Step 1:
   1. Modern UX -> Investments -> Object from Step 1 -> Create Instance
4. Use an API client such as Postman to obtain instances of the object from Step 1:
   1. For example: Postman -> GET http://example.net/ppm/rest/v1/custAzzs
   2. Provide x-api-ppm-client header appropriately
5. Create another object. Same steps as Step 1(a) to Step 1(e)
6. Try to do a GET call to obtain instances of this new object from Step 5 using the same API key as in Step 4
   1. For example: Postman -> GET http://example.net/ppm/rest/v1/custAzzzs

Expected Results: Step 6 produces a result similar to step 4

Actual Results: 

1. Following error is obtained as a response to the GET call

{

    "resourceId": null,

    "httpStatus": "401",

    "errorMessage": "API-1007 : You are not authorized to process request. Contact your system administrator for necessary security rights.",

    "errorCode": "api.unauthorized"

}

2. The app-ca.log logs the following message:

WARN  2023-10-17 05:47:22,299 [http-nio-1613-exec-3027] ppm.rest (clarity:SomeRandomUser:SomeRandomSession:PPM_REST_API) (SomeRandomSession) User SomeRandomUser tried to GET resource [resource name: custAzzzs, resource id: null] but does not have permission.

Workaround:

1. Create a new API Key after the new object creation
2. Flush server side  cache

DE78063

DE78063 is fixed in version 16.2.0.