Skip Navigation
Connect REST API exception "Not Allowed: No permission granted to Read Account"
Answer ID 12346   |   Last Review Date 08/22/2022

How can we get account details in the Connect REST API without getting a 403 error?

  • Connect REST API for Oracle B2C Service, API versions 1.3 and 1.4
  • Oracle B2C Service version 22A and later
An integration makes calls to GET /services/rest/connect/v1.4/accounts/{id}/emails/0. After upgrading to from Oracle B2C Service version 21D to 22B, this stopped working. The following message was returned:
    "type": "https://<mysite>",
    "title": "You are forbidden to access this site",
    "status": 403,
    "detail": "Not Allowed: No permission granted to Read Account.",
    "instance": "https://<mysite><id>",
    "o:errorCode": "OSC-CREST-00028"
Add the "Groups / Accounts / Distribution Lists" administration permission to the profile of the account being used by the integration.
  1. In the .NET Agent Desktop, navigate to Configuration > Staff Management > Profiles
  2. Edit or copy the profile of the account being used in the integration.
  3. In the ribbon, click Permissions.
  4. In the first section, Administration, check the box that says Groups / Accounts / Distribution Lists.
    Application screenshot displaying the profile editing described in the surrounding list of steps.
  5. Save your changes.
  6. If you made a copy of the profile instead of editing it directly, edit the account to use the new profile.
To access Oracle B2C Service manuals and documentation online, refer to the Documentation for Oracle B2C Service Products.