Skip to main content
Solved

API patch action "status"=>403, "code"=>"permission_denied"

  • September 2, 2023
  • 6 replies
  • 209 views

Forum|alt.badge.img+1
  • Contributor II
  • 3 replies

I am trying to update field of one of my profiles and I am constantly getting:
klaviyo.profile_update('someprofileid')
=> {"errors"=>[{"id"=>"9a6ddf10-414f-4d4e-b455-d743396d97a1", "status"=>403, "code"=>"permission_denied", "title"=>"You do not have permission to perform this action.", "detail"=>"You do not have permission to perform this action.", "source"=>{"pointer"=>"/data/"}}]}

Using classic code sample in ruby:
 

module Klaviyo

class Api

API_URL = 'https://a.klaviyo.com/api/'

HEADERS = {

'Accept' => 'application/json',

'Content-Type' => 'application/json',

'Revision' => '2023-08-15'

}

 

def initialize

@api_key = ENV['KLAVIYO_KEY']

end

 

def call_api(http_method, endpoint, payload = nil)

url = URI("#{API_URL}#{endpoint}")

http = Net::HTTP.new(url.host, url.port)

http.use_ssl = true

 

headers = HEADERS.merge('Authorization' => "Klaviyo-API-Key #{@api_key}")

request = http_method.new(url, headers)

request.body = payload.to_json if payload

 

response = http.request(request)

JSON.parse(response.read_body) if response.read_body.present?

end

Best answer by Brian Turcotte

Hi @zire!
 

My apologies for the delay here! Can you confirm that the API key you’re using in these calls has full scope permissions?

 

If that’s not the issue, may I ask if you’ve used this same key and authorization header to make other API calls successfully?

 

Best,

Brian

View original
Did this topic or the replies in the thread help you find an answer to your question?

6 replies

Brian Turcotte
Forum|alt.badge.img+37

Hi @zire!

I’m going to check on this with Engineering and I’ll update the thread ASAP!

 

Best,

Brian


Forum|alt.badge.img
  • Contributor I
  • 1 reply
  • September 6, 2023

Same! Can't get anything through with postman.


Brian Turcotte
Forum|alt.badge.img+37
  • Klaviyo Alum
  • 1393 replies
  • Answer
  • September 24, 2023

Hi @zire!
 

My apologies for the delay here! Can you confirm that the API key you’re using in these calls has full scope permissions?

 

If that’s not the issue, may I ask if you’ve used this same key and authorization header to make other API calls successfully?

 

Best,

Brian


Forum|alt.badge.img
  • Contributor I
  • 2 replies
  • January 5, 2024

bump


Forum|alt.badge.img
  • Contributor I
  • 2 replies
  • January 5, 2024

I am getting the same issue, however there is no solution in this solved thread. API keys have full access, tried both manually selecting all custom ones and giving full access.

 


Brian Turcotte
Forum|alt.badge.img+37

Hi @ollie!

This should be fixed now - are you still experiencing the issue?

 

Best,

Brian