Invalid scopes: account.user+offline_access

  • 27 March 2023
  • 6 replies

I'm trying to generate ACCESS TOKEN with  account.user+offline_access scope and I keep getting Invalid scope error. Is there a differnt way to specify multiple scopes ?

Invalid scopes: account.user+offline_access



Best answer by Michael B101 7 February 2024, 16:10

View original


Badge +1

The `account.user` scope is limited to account tokens as described here

Are you using the `user token` endpoint (/authorize)?  That endpoint does not recognize this scope and will return this error.  Try "" and I believe you will no longer get this failure with those scopes.

@mbowers I am using an /authorizeAccount endpoint. I figured that The search parms which is URL encoded on my end is not being decoded ? If however I replace it manually as account.user+offline_access It works fine
Badge +1

Thanks I understand your question now. In my testing %2B also did not work which I would expect it to. However I did have success with %20 as "space delimiting" is commonly used with OAuth2 scopes. Hopefully your tool will allow you to provide a space.

Let me know if that does not work. In the meantime l'll submit a bug as %2B should function correctly.


That worked thanks @michael b101


Hi @Michael B101 I have developer access to a lucid account, is there any way to generate an account token since I want to use  List Users API 

Badge +1

Account tokens can be generated by using the authorization endpoint `/authorizeAccount`. Note that the user authorizing the token must have admin privileges on the account.

You can find more information at account-tokens and authorization-endpoints