Symptom
Error message "Unauthorized access to catalog search" appears when using API Catalogsearch to get item details.
API call example: https://your lms domain/learning/odatav4/public/user/catalogSearch/v1/CatalogItems?$filter=criteria/selectedSubjectAreaID eq 'Test'
Environment
SAP SuccessFactors Learning
Reproducing the Issue
1. Request API authorization with below body, notice the 'userType' is 'admin'
"scope":{
"userId":"yourId",
"companyId":"yourCompany",
"userType":"admin",
"resourceType":"learning_public_api"
}}
2. Run the API call and get error "Unauthorized access to catalog search"
3. Notice the API call is 'user/catalogSearch/v1'
Cause
The issue arises because the user type of requested authorization is not correct.
'user/catalogSearch/v1' API should use user type authorization.
Resolution
Set the "userType" in the authorization request body as "user".
Alternatively, API call 'admin/catalog-service/v1' can be used with admin type authorization.
See Also
Keywords
Unauthorized access, API Catalogsearch, Postman, SAP SuccessFactors Learning, Oauth Token Server, catalog item, userType, LMS ODATA Webservices. , KBA , LOD-SF-LMS-ODA , Web Services OData , Problem