insufficient_scope when trying to access files api in Xero with OAuth2

Question

I make a Get request to https://api.xero.com/files.xro/1.0/Folders. It returns the following response with 'insufficient_scope'.

{StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
  Xero-Correlation-Id: 0d0de4f4-9f8f-4592-9150-178ad2fedb25
  Pragma: no-cache
  Connection: keep-alive
  X-Client-TLS-ver: tls1.2
  Cache-Control: no-store, no-cache, max-age=0
  Date: Tue, 21 Jan 2020 04:13:44 GMT
  Server: Kestrel
  WWW-Authenticate: insufficient_scope
  Content-Length: 124
  Expires: Tue, 21 Jan 2020 04:13:44 GMT
}}

When authorizing, the scope includes 'file'. Anything else I should include in the scope? Or any other setting missing?

(Requests to accounting.contacts using the same token/tenantid are successful. I use the demo company.)

score 0 · Answer 1 · answered Jan 21 '20 at 04:46

0

The name of the scope you'll need when authorising is files rather than 'file'. You can check the scopes that are on the token you're using by going to jwt.io or similar.

answered Jan 21 '20 at 04:46

rustyskates

856
4
10

insufficient_scope when trying to access files api in Xero with OAuth2

1 Answers1