We have an App that performs a transfer of an open messaging interaction that is with an agent to a queue and uses an OAuth Grant Types=Client Credentials that has a role with the permission Conversation > Communication > blindTransfer
The API
/api/v2/conversations/messages/{conversationId}/participants/{participantId}/replace, has the permission: conversation:communication:blindTransfer as Required Permissions
Even so, when making the request with the token obtained via Genesys Cloud OAuth, mentioned above, I get the return message informing me that I am not authorized for the request:
{
"message": "Access to Conversation {id} is forbidden.",
"code": "not.authorized",
"status": 403,
"messageWithParams": "Access to {type} {id} is forbidden.",
...
}
What could be going wrong? Since the OAuth Grant Types=Client Credentials has auto-authorized for the everything scope.
I was able to reproduce your scenario, starting from an OAuth Client/Assigned Role with Conversation > Communication > blindTransfer permission only.
You are missing the Conversation > Communication > Transfer permission.
That made sense when I read the description: Transfer other users' conversations
As the OAuth Client Credentials Grant client is not a participant in the conversation you are trying to transfer.