New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stratconn 2695 eliminate 403 missing scopes errors #1432
base: main
Are you sure you want to change the base?
Stratconn 2695 eliminate 403 missing scopes errors #1432
Conversation
perform: (request, { payload, settings }) => { | ||
perform: async (request, { payload, settings, auth }) => { | ||
let response | ||
try { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hvardhan-unth - I don't think its a good idea to add another API call to validate scope. The API call should be a one time activity when the customer sets up the destination. Could we do it differently?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, Now we are getting scopes from settings instead of calling extra API.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Echoing what Varada mentioned. Adding another scope could potentially break the existing tokens. Let's explore alternatives.
Over the last 30 days, 1.3% of the app's API calls (2M) resulted in 403 errors. All of these are due to some 59 portals missing the analytics.behavioral_events.send scope necessary to access the Custom Behavioral Events API (POST /events/v3/send). So, in this PR applied check on access-token for a scope for Custom behavioural event action when user perform the action.
JIRA ticket link:- https://segment.atlassian.net/browse/STRATCONN-2695
Testing
Include any additional information about the testing you have completed to
ensure your changes behave as expected. For a speedy review, please check
any of the tasks you completed below during your testing.