Why am I getting a 403 Forbidden URL error when making a call on an API?
Applies to
- OCLC APIs
Answer
The token you have requested is not using the appropriate scope that the endpoint you're trying to call is for.
An example is deleting an LHR using the Metadata API. If you have requested a token for the WorldCatMetadataAPI:manage_institution_holdings you will receive this error when trying to delete an LHR. This is because LHR functionality is only available using the scope WorldCatMetadataAPI:manage_institution_lhrs.
Scopes can be reviewed on the API documentation page by selecting Authorize.