Failed to fetch the User Details from OKTA, APIException : You do not have permission to perform the requested action Skip to main content
https://support.okta.com/help/answers?id=9062a000000xzkaqaw&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Pallavi ThotaPallavi Thota 

Failed to fetch the User Details from OKTA, APIException : You do not have permission to perform the requested action

Hi,

I am getting "system encountered an error while processing your request" I am trying to get the user details from OKTA by passing the userSSOId, and publish the userdetails to entitlements service.
But I get APIException with error code : E000006 Error Summary : You do not have permission to perform the requested action.
Appriciate your help. Thanks in advance.
Best Answer chosen by Pallavi Thota
Aleks BulajicAleks Bulajic (Okta, Inc.)
Hi Pallavi,

You can check if the API token was generated from a Super User Admin account by:

1. Logging in to your Okta Admin dashboard
2. Navigating to Security >> API
3. Ensuring Tokens tab is selected
4. You should then see a list of all tokens. Find the token name that is associated with Postman app, and you will see the name of the Admin who created the token and their Admin role.

You can also create a new API token using the instructions located in the following document: http://developer.okta.com/docs/api/getting_started/api_test_client.html

If creating the new API token does not resolve, I do suggest opening a case with Support as we may need to troubleshoot some items that are specific to your Org environment. You can open a case by navigating to https://support.okta.com/help and clicking the "Open a Case" button located on the upper-right part of the screen.

Thank you,

Aleks

All Answers

Aleks BulajicAleks Bulajic (Okta, Inc.)
Hi Pallavi,

Thanks for reaching out to Okta's Support Community! I'm sorry to hear your encountering some errors using the API calls.

We have seen this issue come up in the past, and it usually stems from the API token being generated from a non-superuseradmin account. Can you try creating a new token under a SuperUser admin profile and linking it to PostMan?

If that does not resolve, I do recommend creating a new case with Support so we can further assist you.

Thank you,

Aleks
Pallavi ThotaPallavi Thota
Thanks Aleks,
How do I check the API token generated is from a non-superuseradmin account ?

Yes, through postman i tried getUser API by passing the user SSOId which({{url}}/api/v1/users/{{userId}}) the response body gives me invalid token provided.
I get the same response for all users not only for SuperUseradmin. 

Can you help suggest me how do I create a new token under a SuperUser admin profile.

Regards,

Pallavi.
Pallavi ThotaPallavi Thota
I was facing this issues since 2, 3 days. I was using the same userId all these days since a yaer which was working fine but now it gives me an error. Kindly suggest why this is happening.

Thanks,
Pallavi.
Aleks BulajicAleks Bulajic (Okta, Inc.)
Hi Pallavi,

You can check if the API token was generated from a Super User Admin account by:

1. Logging in to your Okta Admin dashboard
2. Navigating to Security >> API
3. Ensuring Tokens tab is selected
4. You should then see a list of all tokens. Find the token name that is associated with Postman app, and you will see the name of the Admin who created the token and their Admin role.

You can also create a new API token using the instructions located in the following document: http://developer.okta.com/docs/api/getting_started/api_test_client.html

If creating the new API token does not resolve, I do suggest opening a case with Support as we may need to troubleshoot some items that are specific to your Org environment. You can open a case by navigating to https://support.okta.com/help and clicking the "Open a Case" button located on the upper-right part of the screen.

Thank you,

Aleks
This was selected as the best answer
Pallavi ThotaPallavi Thota
Hi Aleks,
The problem got solved after creating a new OKTA API token. I saved the token somewhere for future reference as it will be displayed only once when created. After that there is no way to see it again.

I replaced the old token with the newly generated one which solved my problem.

Thank you Aleks.
 
Pallavi ThotaPallavi Thota
Hi Aleks,

We have created a token last year on May 3rd  2016 and its expiration date is on June 22nd 2017.
The recently created token(on May 11th 2017) its expiration date is June 28th 2017 , if this tokens lifetime is 30 days then the expiration date in OKTA should get displayed as June 10th 2017.
 
Please let me know why the expiration date for the last years token(which was created on May 3rd 2016) is getting displayed as June 22nd 2017.
 
Also let me know why the expiration date for token created on May 11th 2017 is getting displayed as June 28th 2017 instead of June 10th 2017.