Showing results for 
Search instead for 
Did you mean: 

(SOLVED) permission denied accessing /payments/sale/


(SOLVED) permission denied accessing /payments/sale/



I created new sandbox account of time MERCHANT and linked sandbox app to that account, now when OAuth'ing I also get more scopes:


"scope":"** openid

more permissions and the calls work like a charm. It also seems like not/providing secret changes permissions scopes (which makes sense) - which however should imho be noted in the documentation.



Original Post:




I've registered for a webhook 'PAYMENT.SALE.COMPLETED' event which works fine, after buyer confirms his sale my hook get's called and I get a feed on that sale event - the Event validates fine ( Chain Valid / Data Valid ).


Now I want to access that sale information via REST API:<resource_id> which does not allow me so; I get a HTTP 403 with


{"name":"PERMISSION_DENIED","message":"No permission for the requested operation","information_link":"","debug_id":"49c78f68d25fd"}

the OAuth token for this call I have created with same Client-ID which received the Event via Webhook.


If I am about to execute a /refund on this sale, the API response tells me: HTTP401 Unauthorized


And if I want to obtain the Payment information ( parent_payment link ) it yields to HTTP 400 Bad Request and response is

{"name":"UNAUTHORIZED_PAYMENT","message":"Unauthorized payment","information_link":"","debug_id":"564de30fd2632"}

When using the dashboard I can see all details of the transaction fine.


Do I have to ask someone for special permissions on REST API or what could be the issue?


any hint appreciated