/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
An error occurs when attempting to use the odata/v2/checkUserPermissions API call. The error message received is:
{
"error": {
"code": "COE_GENERAL_FORBIDDEN",
"message": {
"lang": "en-US",
"value": "[COE0020]You do not have permission for this action: [XXXXXXXXXX]"
}
}
}
The API documentation incorrectly states that the odata/v2/checkUserPermissions API supports POST operations, but it only supports GET.
Attempting to use POST results in the following error message:
{
"error": {
"code": "MethodNotAllowedException",
"message": {
"lang": "en-US",
"value": "HTTP method 'POST' is not allowed for this resource."
}
}
}
Environment
- SAP SuccessFactors HCM Suite
- OData API
Reproducing the Issue
- Attempt to perform a query in odata/v2/checkUserPermissions
- Use GET operations instead and observe the permission error: "COE_GENERAL_FORBIDDEN."
Cause
The odata/v2/checkUserPermissions API call failed due to missing permissions for the API user.
Resolution
In order to solve this issue, please grant the API User the following permission:
- Add the API user Admin Tools > Set User Permissions > Manage Role-Based Permission Access permission
- Grant the API user the "view group" and "view role" permissions.
PS: Use GET operations for the odata/v2/checkUserPermissions API call, as POST operations are not supported.
Refer to the RBPBasicPermission entity for further details on permissions.
See Also
Keywords
odata, checkUserPermissions, COE_GENERAL_FORBIDDEN, MethodNotAllowedException, API permissions, RBPBasicPermission, view group, view role, GET operations, POST operations, API error, permission error. , KBA , LOD-SF-INT-ODATA , OData API Framework , Problem
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)