Forbidden Request. Please Check Oauth Token and scope permission.

Alphonsa Abraha · ‎01-12-2023

Hello Community,

Hope one of you can assist. I am trying to set up the Microsoft Azure AD Spoke so that I can create users to Azure.

Now I am getting the following error:

Error message: Forbidden Request. Please Check Oauth Token and scope permission.

These are the permissions that I selected. Could anyone know to resolve it. Any ideas would be greatly appreciated.

@Ankur Bawiskar

Sangita Swamina · ‎02-16-2023

Alphonsa,

Did you figure this out? We are having the same issue.

Sylvain Lake · ‎03-06-2023

If it works like the password reset system, I think permissions mus not be of the delegated type:

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0753146

The user.read.all, reports.read.all permissions were given as delegated permissions, the API call won't work. You need to explicitly give app permissions, which are not selected by default in the Azure portal.

Ashwini_ Godala · ‎06-13-2023

Hi @Alphonsa Abraha ,

Is this resolved?

I have similar issue in my instance. Could you please share me the resolution for this.

Iguana · ‎03-04-2025

Hi,

In my case it helped to enable the option "Microsoft Entra roles can be assigned to the group" on Azure.