Solved

Invalid scopes: account.user+offline_access

  • 27 March 2023
  • 6 replies
  • 60 views

I'm trying to generate ACCESS TOKEN with  account.user+offline_access scope and I keep getting Invalid scope error. Is there a differnt way to specify multiple scopes ?


Invalid scopes: account.user+offline_access

 

icon

Best answer by Michael B101 7 February 2024, 16:10

View original

Comments

Badge +1

The `account.user` scope is limited to account tokens as described here

Are you using the `user token` endpoint (/authorize)?  That endpoint does not recognize this scope and will return this error.  Try "https://lucid.app/oauth2/authorizeAccount" and I believe you will no longer get this failure with those scopes.

@mbowers I am using an /authorizeAccount endpoint. I figured that The search parms which is URL encoded on my end is not being decoded ? If however I replace it manually as account.user+offline_access It works fine 

 

https://lucid.app/oauth2/authorizeAccount?client_id=dummy&state=dummy&redirect_uri=https%3A%2F%2Flucid.app%2Foauth2%2Fclients%dummy%2Fredirect&scope=account.user%2Boffline_access
Badge +1

Thanks I understand your question now. In my testing %2B also did not work which I would expect it to. However I did have success with %20 as "space delimiting" is commonly used with OAuth2 scopes. Hopefully your tool will allow you to provide a space.

Let me know if that does not work. In the meantime l'll submit a bug as %2B should function correctly.

 

That worked thanks @michael b101

Badge

Hi @Michael B101 I have developer access to a lucid account, is there any way to generate an account token since I want to use  List Users API 

Badge +1

Account tokens can be generated by using the authorization endpoint `/authorizeAccount`. Note that the user authorizing the token must have admin privileges on the account.

You can find more information at account-tokens and authorization-endpoints

Reply