Scope and URL mismatch error in lead api

Mahesh_Talaviya · August 8, 2020, 4:10am

Hello team,
I have access_token and i am passing it in ‘Authorization: Bearer’ for fetch all leads api.
I have try to run the api from code as well from the postman, on both the end i got this response :
(
[success] =>
[error] => Scope and URL mismatch
[errorCode] => 403
)
and without lead all api perfect working like person.

my code

$curl = curl_init();

curl_setopt_array($curl, array(
CURLOPT_URL => “https://api.pipedrive.com/v1/leads”,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => “”,
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => “POST”,
CURLOPT_HTTPHEADER => array(
“authorization: Bearer 6355382:9473608:15b1254adfa949c29e79024fe422c571e3df662a”,
“cache-control: no-cache”,
“postman-token: 10014cdf-20aa-f2cc-9a13-3018e36867ec”
),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo “cURL Error #:” . $err;
} else {
echo $response;
}

mykhailo · August 11, 2020, 1:35pm

Hi @Mahesh_Talaviya

As access_token is sensitive information I would recommend edit this post and delete it from here. As for leads scope, when did you get this access token, before or after you enabled leads scope for your app?

Just in case, here is a bit info about what happens when you change an app scopes

Vlad · August 11, 2020, 1:52pm

Hi, @mykhailo !
I have the same problem and did not find a single Leads an app scopes.

mykhailo · August 11, 2020, 4:25pm

Hi @Vlad. I completely forgot that leads endpoints we added without OAuth support for now (Pipedrive API Changelog)

Please note that the OAuth scope is currently not available for the Leads endpoints, but we are working to get it added.

Meantime, if you need Leads API you can use api_token https://pipedrive.readme.io/docs/core-api-concepts-about-pipedrive-api

@Mahesh_Talaviya I think it should cover your case too.

Elina · October 30, 2020, 1:37pm

Hi @Mahesh_Talaviya and @Vlad,
Two new scopes for Leads endpoints are now available. More info here -> https://pipedrive.readme.io/docs/changelog#leads-oauth-scope

Vlad · November 3, 2020, 7:48am

Thanks. It seems that after refresh the token, its scopes are lost
https://api-proxy.pipedrive.com/leads
{“organization_id”:7,“title”:“add test lead”}
response:
(403; {“success”: false, “error”: “Scope and URL mismatch”, “error Code”: 403}).

David · November 5, 2020, 9:56am

Hi @Vlad

The issue should be resolved now, can you try this again?

kaantunc · June 21, 2021, 2:34pm

https://api-proxy.pipedrive.com/itemSearch
{“item_types”:“person”,“term”:“example”}
Authorization: Bearer “access token”

response:
(403; {“success”: false, “error”: “Scope and URL mismatch”, “error Code”: 403}).

mykhailo · June 22, 2021, 7:40am

Hello @kaantunc

Does your access token include “search” scope?

Also, I noticed that you use a deprecated way of calling API (api-proxy). The current way is (example for this endpoint)

https://api.pipedrive.com/v1/itemSearch?term=234

Or with company domain, more details here

Tenzin_Chemi1 · December 16, 2023, 6:42am

If you’re adding extra slashes anywhere in the url, then also you could get this error. I hope this helps if someone is in same spot as I was in.