Scope and URL mismatch error in lead api

Hello team,
I have access_token and i am passing it in ‘Authorization: Bearer’ for fetch all leads api.
I have try to run the api from code as well from the postman, on both the end i got this response :
(
[success] =>
[error] => Scope and URL mismatch
[errorCode] => 403
)
and without lead all api perfect working like person.

my code

$curl = curl_init();

curl_setopt_array($curl, array(
CURLOPT_URL => “https://api.pipedrive.com/v1/leads”,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => “”,
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => “POST”,
CURLOPT_HTTPHEADER => array(
“authorization: Bearer 6355382:9473608:15b1254adfa949c29e79024fe422c571e3df662a”,
“cache-control: no-cache”,
“postman-token: 10014cdf-20aa-f2cc-9a13-3018e36867ec”
),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo “cURL Error #:” . $err;
} else {
echo $response;
}

Hi @Mahesh_Talaviya

As access_token is sensitive information I would recommend edit this post and delete it from here. As for leads scope, when did you get this access token, before or after you enabled leads scope for your app?

Just in case, here is a bit info about what happens when you change an app scopes

Hi, @mykhailo !
I have the same problem and did not find a single Leads an app scopes.

Hi @Vlad. I completely forgot that leads endpoints we added without OAuth support for now (https://pipedrive.readme.io/docs/changelog#introducing-leads-api)

Please note that the OAuth scope is currently not available for the Leads endpoints, but we are working to get it added.

Meantime, if you need Leads API you can use api_token https://pipedrive.readme.io/docs/core-api-concepts-about-pipedrive-api

@Mahesh_Talaviya I think it should cover your case too.

1 Like

Hi @Mahesh_Talaviya and @Vlad,
Two new scopes for Leads endpoints are now available. More info here -> https://pipedrive.readme.io/docs/changelog#leads-oauth-scope

Thanks. It seems that after refresh the token, its scopes are lost
https://api-proxy.pipedrive.com/leads
{“organization_id”:7,“title”:“add test lead”}
response:
(403; {“success”: false, “error”: “Scope and URL mismatch”, “error Code”: 403}).

Hi @Vlad

The issue should be resolved now, can you try this again?