How to use access_token? (api.smartsheet.com/2.0/token)

Bortyk ✭✭
edited 07/05/23 in API & Developers

Node.js

How to use access_token?

I'm making a request:


axios.post('https://api.smartsheet.com/2.0/token')...


response:

{
  access_token: 'xxx',
  token_type: 'bearer',
  refresh_token: 'xxx',
  expires_in: 604799
}


// Smartsheet JavaScript SDK (npm package "smartsheet")
var client = require('smartsheet');

var smartsheet = client.createClient({
  accessToken: 'xxx',
  logLevel: 'info',
});


But the result is always the same:

statusCode: 403,
errorCode: 1004,
message: 'You are not authorized to perform this action.',
refId: 'cdx056'


Why is that? Why is the access Token incorrect?

Best Answer

  • Genevieve P. Employee
    Answer ✓

    Hey @Bortyk

    An Access Token will only provide you with the same permissions and access that the account has in the Smartsheet UI.

    For example, if you're trying to Edit a sheet through the API, you'll need to have at least Editor permissions on that sheet in the UI.

    I would suggest making sure that the account you're using to access the API has the correct permissions on each item and also in the account as well (e.g. if it needs to be a System Admin for the plan or not).

    Cheers,

    Genevieve


Answers

  • Bortyk ✭✭

    All I've realized now is that this token doesn't have enough access rights to make requests. All I managed to do was get data about myself using the smartsheet_client code

    .Users.get_current_user()
    

    How do I get more rights? How exactly should this be prescribed and where?

  • Hamza1 Moderator

    Hi @Bortyk,

    The error message you're getting usually occurs when the Authentication header is set incorrectly - the bearer may not have been added to the header value or there isn’t a space between Bearer and the access token.

    More information on this is outlined in the following Smartsheet API documentation:

    To generate a new access token:

    • On the left Navigation Bar, select Account.
    • Select Apps & Integrations.
    • In the Personal Settings form, select API Access.
    • In the API Access tab, select Generate new access token. 
    • You can also revoke existing tokens in this tab. 

    More information on this is outlined in the Help article here. Additionally, there is a community of developers that can be a great resource for troubleshooting issues regarding your use case.


    Thanks, 

    Hamza

  • Bortyk ✭✭

    All I've realized now is that this token doesn't have enough access rights to make requests. All I managed to do was get data about myself using the smartsheet_client code

    .Users.get_current_user()
    

    How do I get more rights? How exactly should this be prescribed and where?



    Need to use SCOPE

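    const express = require('express');
    const app = express();

    // Redirect the user to the Smartsheet authorization page; the scope
    // parameter lists the access rights requested for the token.
    app.get('/auth2', (req, res) => {
      const authUrl = 'https://app.smartsheet.com/b/authorize';
      const params = {
        response_type: 'code',
        client_id: 'xxxxxxxx', // CLIENT_ID
        scope: 'ADMIN_SHEETS ADMIN_USERS READ_SHEETS READ_USERS READ_CONTACTS WRITE_SHEETS'
      };
      const url = authUrl + '?' + new URLSearchParams(params);
      res.redirect(url);
    });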
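
An added example (not code from this thread or from Smartsheet) that builds the same authorize redirect with an explicit, minimal scope list and a random `state` value, then checks `state` on the callback before the code is exchanged at the token endpoint. The function names, the placeholder client id, and the use of the standard OAuth 2.0 `state` and `error` callback parameters are assumptions; the URL and scope names are the ones quoted above.

```javascript
const crypto = require('crypto');

// Endpoint and scope names are the ones quoted in this thread.
const AUTHORIZE_URL = 'https://app.smartsheet.com/b/authorize';
const KNOWN_SCOPES = new Set(['ADMIN_SHEETS', 'ADMIN_USERS', 'READ_SHEETS',
  'READ_USERS', 'READ_CONTACTS', 'WRITE_SHEETS']);

// Build the redirect URL for an explicit, de-duplicated scope list.
// Returns the URL plus the random `state` that the caller must store in the
// user's session and compare on the callback (hypothetical helper).
function buildAuthorizeUrl(clientId, scopes) {
  if (!clientId) throw new Error('clientId is required');
  const wanted = [...new Set(scopes)];
  if (wanted.length === 0) throw new Error('request at least one scope');
  const unknown = wanted.filter((s) => !KNOWN_SCOPES.has(s));
  if (unknown.length) throw new Error('unknown scope: ' + unknown.join(', '));
  const state = crypto.randomBytes(16).toString('hex');
  const params = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    scope: wanted.join(' '),
    state,
  });
  return { url: AUTHORIZE_URL + '?' + params, state };
}

// Validate the callback query before exchanging `code` for a token
// (hypothetical helper; `error` and `state` are standard OAuth 2.0 fields).
function readCallback(query, expectedState) {
  if (query.error) throw new Error('authorization denied: ' + query.error);
  const got = Buffer.from(String(query.state || ''));
  const want = Buffer.from(String(expectedState || ''));
  if (want.length === 0 || got.length !== want.length ||
      !crypto.timingSafeEqual(got, want)) {
    throw new Error('state mismatch');
  }
  if (!query.code) throw new Error('missing code');
  return query.code;
}

// Constructed usage: a read-only integration asks for READ_SHEETS only.
const { url, state } = buildAuthorizeUrl('CLIENT_ID_PLACEHOLDER', ['READ_SHEETS']);
console.log(url);
console.log(readCallback({ code: 'constructed-code', state }, state));
```

A token issued for `READ_SHEETS` alone limits what a leaked token can do; add `WRITE_SHEETS` or the `ADMIN_*` scopes only when the integration calls endpoints that need them.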
    

