0

I belive I have a well-formed Admin API Alerts() POST hitting the proper endpoint; however, the response is always returning with a Network 403 - Forbidden Error with the response payload set to error code 40:

{
    "errorCode": 40
}

My parameterized endpoint request looks as follows: https://banno.com/a/mobile/api/v0/institutions/{{institutionId}}/users/{{userId}}/alert/send/generic

The institutionId is set to a constant provided by the client, and the userId is set to the sub claim provided the a customer OAuth PKCE authentication.

Additionally, my Authorization Bearer token is set to a valid access token generated using the banno-client-creds-helper tool and the Client Credentials OAuth flow. It looks good decoded as well(jwt.io).

I have looked the the API documentation, but I can find a list of error codes to get more details on errorCode: 40, and why my reqeust is failing with a 403.

I am using Postman to POST to the Alert() endpoint:

()

Dan Coughlin
  • 1,104
  • 10
  • 14
  • Does your [Associated User}(https://jackhenry.dev/open-api-docs/admin-api/overview/authentication/associateduser/) for the Admin API have the "Manage institution messages" permission? – Jaime Lopez Jr. Sep 01 '23 at 16:57
  • Yes, our _Assocated User_ has the "**Manage institution messages**" permission enabled under _Profile -> Permissions -> Messages_ – Dan Coughlin Sep 02 '23 at 07:09

0 Answers0