INSUFFICIENT_SCOPES

We’re unable to give our developers a full list of permissions. Despite numerous attempts.

The list of permissions we wish to provide are:

1. ITEMS_READ
2. MERCHANT_PROFILE_READ
3. INVENTORY_READ
4. EMPLOYEES_READ
5. PAYMENTS_READ
6. INVOICES_READ
7. ORDERS_READ
8. CUSTOMERS_READ

We do this via the OAuth URL:
https://connect.squareup.com/oauth2/authorize?client_id=< our client id > &sscope=ORDERS_READ+INVOICES_READ+INVENTORY_READ+MERCHANT_PROFILE_READ+ITEMS_READ+EMPLOYEES_READ+PAYMENTS_READ+CUSTOMERS_READ&redirect_uri=https://www.serenaandlily.com

But when the developer retrieves the status of the current token using the code returned:
https://connect.squareup.com/oauth2/token/status

We only see these permissions provided
“scopes”: [
“BANK_ACCOUNTS_READ”,
“MERCHANT_PROFILE_READ”,
“PAYMENTS_READ”,
“SETTLEMENTS_READ”
]

Even when we try to create a code with JUST ITEMS_READ permission, it refuses. We’re stumped. What are we doing wrong?

1 post - 1 participant

Read full topic