Genesys Cloud Developer Forum

OAuth Client deleted successfully (marked for delete), but cannot restore them - App Uninstall

Hi,

During App Development testing, our team ran into an issue where in some of the OAuth Clients using same prefix as app were deleted (marked for deletion) due incorrect choice for app prefix part of Apps uninstall process. But when we tried restoring them through Genesys Cloud UI, we could restore few, but many of them where showing error "You do not have the all necessary roles to edit this OAuth Client". The user has Master Admin, admin roles. So there is no question of no having relevant for role for OAuth.

Those we couldn't restore, could only be restored the OAuth Client creators.

What could be causing this behavior? I checked the other threads relating to this error, but they are old and still couldn't find any solution which explains what the problem is.

Hello,

The user who restores an OAuth Client (Client Credentials Grant) must have the same roles than the ones assigned to the OAuth client. I am not referring to permissions but to the role itself.
If the OAuth Client is configured for "TestRole1", "TestRole2", ... - the user who is to restore the Oauth Client must have the same roles assigned to him (TestRole&, TestRole2, ....).
After you make the change to the user (enabling the roles), I'd recommend to logout and login again (to make sure Genesys Desktop takes into account the new roles assigned to the user).

Regards,

1 Like

Thanks @Jerome.Saint-Marc. Appreciate it! Solution you provided worked!

One question though, for restoration if we have such restrictions in place, then delete OAuth Client should'nt it have similar permissions? In other words, user SHOULD NOT be able to delete OAuth Client, unless they HAVE ALL of the Roles available on that OAuth Client? This will ensure even delete was attempted, ONLY the OAuth Clients he has permission to restore would ONLY be the OAuth Clients the user could delete.

Not sure if it is a bug or if it is intentionally designed this way.

Hello,

It is intentionally designed that way.

Regards,

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.