Permission Denied even having valid Scope in Place


I’ve generated an access token using the API.

When I hit the API, it throws a 403 response. I hope the contacts:full scope covers the /personFields API.

I’ve attached the sample API request image from Postman.

While other APIs are working fine.

Hello @kughanev

Could you try POST https://<company-domain>

Also, for POST /personFields you will need admin scope (but it seems your token already has it)

More about API.

Hi @mykhailo,

Tried POST https://<company-domain> API. Still same 403 Forbidden response.

Also, for POST /personFields you will need admin scope

Yes. The scope “admin” is available.

 "scope": "base,deals:full,contacts:full,users:read,search:read,admin",

Is anything wrong from my side? How to proceed further?

Just to double-check, do you use Authorization: Bearer <valid access token> in your request?

Also, could you update the access token and make the request again (to exclude the expired token case)?


Yes… I’ve passed the Authorization header as shown below. In the absence of an Authorization header, the response would be 401 Unauthorised.

Just now created an access token and used it in the header (check screenshot time in IST).

Other APIs are working fine with this access token

Should the APIs have /api/v1/?

APIs like

are working fine without any issues.

++ Revathy

I see. Could you double-check if you can create custom fields from the Pipedrive UI (Custom Fields – Knowledge Base)? If you don’t have that option it means you do not have enough permissions in that Pipedrive account.

The idea is that you gain access token through an app, and call Pipedrive API on behalf of a user who installed the app.

As it’s your app, and you installed it for your Pipedrive account, you need to be an admin to use admin scope (create person fields for example).

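The distinction this thread arrives at, as an added example that is not part of the original posts or Pipedrive's own code: a scope on the token is only an upper bound, and an admin-scoped call also needs the installing user to be an admin. `TokenContext`, `diagnose` and the `user_is_admin` flag are hypothetical names; the scope string is the one quoted above, and no network call is made.

```python
from dataclasses import dataclass

# Scope string as quoted in the thread's token response.
SCOPE = "base,deals:full,contacts:full,users:read,search:read,admin"


@dataclass
class TokenContext:
    scope: str           # raw "scope" value from the token response
    user_is_admin: bool  # assumption: caller knows the installing user's role


def granted_scopes(scope):
    """Split the comma-separated scope string, tolerating spaces and empty items."""
    return {s.strip() for s in scope.split(",") if s.strip()}


def diagnose(status, required_scope, ctx):
    """Classify a response status as an authentication, scope or user-permission problem."""
    if status == 401:
        return "authentication: Authorization header missing or token not accepted"
    if status != 403:
        return "not an authorization failure"
    if required_scope not in granted_scopes(ctx.scope):
        return "scope: token lacks '%s'; re-authorize the app with it" % required_scope
    if required_scope == "admin" and not ctx.user_is_admin:
        # The case in this thread: scope present, user role insufficient.
        return "user permission: token has 'admin' scope but the installing user is not an admin"
    return "other: scope and role look sufficient; check URL, method and account settings"


if __name__ == "__main__":
    # Constructed cases: the thread's situation, a missing scope, and a missing header.
    print(diagnose(403, "admin", TokenContext(SCOPE, user_is_admin=False)))
    print(diagnose(403, "admin", TokenContext("base,contacts:full", user_is_admin=True)))
    print(diagnose(401, "admin", TokenContext(SCOPE, user_is_admin=True)))
```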

We’ll try in our app and update you.

Thanks @mykhailo for your quick & great support :grinning:
