The Spring Cloud Data Flow for VMware API can be queried using the following steps:

1. Create a service key for the Data Flow instance
2. Curl UAA endpoint to request an auth token
3. Use this token to curl the Data Flow API

In tile versions below Spring Cloud Data Flow for VMware API 1.6.7, there is an issue with this process where the token is authenticated successfully but is not given the correct role. This results in the curl to the Data Flow API returning a status "403" with the error "Forbidden", as follows:

curl -k https://dataflow-<guid>.<apps-domain>/streams/definitions -H "Authorization: Bearer <token>"

{"timestamp":"2020-02-19T00:21:07.019+0000","status":403,"error":"Forbidden","message":"Forbidden","path":"/apps/app/<app-name>"}

The error is seen for all endpoints paths beyond the base API URL: https ://dataflow-<guid>.<apps-domain>/xxx