A validated user refresh token receives HTTP status code 403 when creating groups, users, roles or rights in VCF Automation
search cancel

A validated user refresh token receives HTTP status code 403 when creating groups, users, roles or rights in VCF Automation

book

Article ID: 434799

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

When running the VCF Automation API call to `Create Group` the HTTP response is a status code 403.

The token is validated and active.

The token can be used to view groups and perform other GET REST API calls for users, groups, roles and rights.

The token can be used for GET and POST REST API calls for other actions that are allowed to the user.

If the same user is logged into the UI, the user can create a group in the UI.

Environment

VCF Automation

Cause

As described in the VCF 9.0 and Later - Provider Management - Generate an API Access Token Using Your VCF Automation Provider Management Portal documentation

When accessing VCF Automation by using an API access token, applications have only view rights for the following resources.
  • User
  • Group
  • Roles
  • Global roles
  • Rights bundles

Resolution

In order to create or delete groups, users, roles, global roles or rights bundles via API you will nee to use a service account to retrieve the bearer token and use that token in the API call.

Additional Information

REST calls for Service Provider Administration

Get Your Access Token for the VCF Automation API

Powered by Wolken Software