This how-to guide presents how to fix the 403 Forbidden error when using the Search Systems Logs card.

Error Example:

scope=\"okta.logs.read\",
error=\"insufficient_scope\", error_description=\"The access token provided does not contain the required scopes.\",
resource=\"/api/v1/logs\"



The Okta – Search Systems Logs card allows searching in the Okta log by a keyword (and also an expression, set in Options):

Search Systems Logs card.
 

When running a flow with this card, it might return a 403 Forbidden error:

403 Forbidden error with Search Systems Logs card.
 
 

• Okta Workflows
• Okta worklfows connection
• Okta Workflows Connection - Insufficient Scope

Video walkthrough of the steps written below:


 

To fix this error, grant an additional scope to the Okta connection.

• Grant the okta.logs.read scope in the new permissions tab using custom scopes while reauthorizing the connection

OR
 

1. From the Admin Console, go to Applications > Applications.
2. Click Okta Workflows OAuth.
3. Open the Okta API Scopes tab.
4. Find the okta.logs.read scope and click Grant.
5. For this scope to take effect, reauthorize the connection that is being used.

After reauthorizing the connection (to include reviewing the permissions tab), rerun the flow. The card is now able to search the logs:

Thanks to Bryan Barrows (LinkedIn, blog), who helped with this question on the MacAdmins Slack channel.

Related References

• Okta Workflows How-To: Fix the 403 Forbidden Error When Using Search Systems Logs Card
• 403 Forbidden error using an Okta connector Action card in a Workflow
• Okta Workflows Connection - Insufficient Scope