ebay-api
ebay-api copied to clipboard
hendt
Access denied: Insufficient permissions to fulfill the request
Hello,
I've written this simple script:
const _fulfillment = eBay.factory.createSellApi().fulfillment;
_fulfillment.getOrders().then(item => {
console.log(JSON.stringify(item, null, 2));
}).catch(e => {
console.error(JSON.stringify(e));
});
And am getting this error:
EBayAccessDenied: Access denied: Insufficient permissions to fulfill the request.
at EBayAccessDenied.EBayError [as constructor]
Can you help me diagnose what's wrong with the permissions? Is that on the @hendt/ebay-api library side or my eBay sandbox configuration?
Hm why are you using eBay.factory.createSellApi()?
Take a look in example: https://github.com/hendt/ebay-api/blob/master/examples/restful/sell/getOrder.ts
The eBayApi.fromEnv(); will try to get config from your env variables. In your case you will probable want to use this:
const eBay = new eBayApi({
appId: 'appId',
certId: 'certId',
devId: 'devId',
sandbox: true,
siteId: 77,
});
Hi, I am getting this same error. Mine is this:
{
errors: [
{
errorId: 1100,
domain: 'ACCESS',
category: 'REQUEST',
message: 'Access denied',
longMessage: 'Insufficient permissions to fulfill the request.'
}
]
}
When initially minting a new user, I have set the scopes like so...
eBay.auth.oAuth2.setScope([
'https://api.ebay.com/oauth/api_scope',
'https://api.ebay.com/oauth/api_scope/sell.marketing.readonly',
'https://api.ebay.com/oauth/api_scope/sell.marketing',
'https://api.ebay.com/oauth/api_scope/sell.inventory.readonly',
'https://api.ebay.com/oauth/api_scope/sell.inventory',
'https://api.ebay.com/oauth/api_scope/sell.account',
'https://api.ebay.com/oauth/api_scope/sell.account.readonly',
'https://api.ebay.com/oauth/api_scope/sell.fulfillment.readonly',
'https://api.ebay.com/oauth/api_scope/sell.fulfillment',
'https://api.ebay.com/oauth/api_scope/sell.analytics.readonly',
'https://api.ebay.com/oauth/api_scope/sell.finances',
'https://api.ebay.com/oauth/api_scope/sell.payment.dispute',
'https://api.ebay.com/oauth/api_scope/commerce.identity.readonly',
]);
All the things work fine immediately after this first User token is created.
And so, I am using this to try to re-authorize the token...
token = await eBay.oAuth2.refreshToken()
Then I tried doing something which requires a User token, like obtaining seller privileges.
// inside an expressJS endpoint...
try {
let result = await fetch(
`https://api.ebay.com/sell/account/v1/privilege`,
{
method: "GET",
headers: {
Authorization: `Bearer ${access_token}`,
Accept: "application/json",
"Content-Type": "application/json"
}
}
)
let sellerPrivileges = await result.json()
console.log(`Successfully obtained the sellerPrivileges, sending back now...`, sellerPrivileges)
res.json(sellerPrivileges)
} catch (e) {
console.log(`Got an error...`, e)
res.status(400).json(e)
}
It results in the initial error in my post... Insufficient permissions to fulfill the request.
The await eBay.oAuth2.refreshToken() is supposed to result in User token with identical privileges right?
@doverradio
Yes, await eBay.oAuth2.refreshToken() should refresh with the same scope as you can see here: https://github.com/hendt/ebay-api/blob/master/src/auth/oAuth2.ts#L217
However, this is not required since the token should be refreshed automatically...: Maybe it helps if you use the API instead of fetch?
eBay.sell.account.getPrivileges().then(order => {
console.log('privileges', JSON.stringify(order, null, 2));
}).catch(e => {
console.error(e);
});
@dantio I switched over to your code and it worked for a bit but this is now the error...
EBayAccessDenied: Access denied
at EBayAccessDenied.EBayError [as constructor] (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/errors/index.js:26:47)
at new EBayAccessDenied (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/errors/index.js:112:28)
at Account.<anonymous> (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:217:27)
at step (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:44:23)
at Object.next (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:25:53)
at /root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:19:71
at new Promise (<anonymous>)
at __awaiter (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:15:12)
at Account.Api.handleEBayError (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:208:16)
at Account.<anonymous> (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:174:51)
at step (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:44:23)
at Object.throw (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:25:53)
at rejected (/root/ebay-selling/backend/node_modules/@hendt/ebay-api/lib/api/restful/index.js:17:65)
at runMicrotasks (<anonymous>)
at processTicksAndRejections (internal/process/task_queues.js:97:5) {
meta: { errors: [ [Object] ] }
Is it that I pass the error object to refreshToken() and try it again?
I am having this same issue. I'm using the sell api, with OAuth method of authentication. When I obtain a fresh token via the authorization flow, this works for the duration of the token (2 hours). Then I receive the same error. I have enabled auto refresh and see the on refresh event being fired however this is not working. Any help would be great as this greatly limits the ability to do offline processing.
UPDATE: For this struggling with this issue. The problem is that you must set the scopes required when creating new eBayAPi. This is an array of strings passed into the scope attribute. The reason for this is that per the documentation the default value for scope is ['https://api.ebay.com/oauth/api_scope'] which does not get you much. Good Luck and thanks for the great library!
