By Adam Nagy
One thing that sometimes people miss is that the scope needs to be set as a single string with the scope values separated by space - instead of as a list of values.
If you do the following then it will succeed, but the scope values will be ignored:
curl \
-v "https://developer.api.autodesk.com/authentication/v1/authenticate" \
-X "POST" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "client_id=<client id>&client_secret=<client secret>&grant_type=client_credentials&scope(0)=bucket:create&scope(1)=bucket:read&scope(2)=data:write"After this if you try to do something like this:
curl \
-v "https://developer.api.autodesk.com/oss/v2/buckets" \
-X "POST" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <token>" \
-d "{\"bucketKey\":\"mynewbucket\",\"policyKey\":\"transient\"}"Then you will get a reply like this:
Token scope not set. This request does not have the required privilege.
But if you set the required scopes the correct way in a single string then all will be fine. You just have to URL encode the space characters to %20:
curl \
-v "https://developer.api.autodesk.com/authentication/v1/authenticate" \
-X "POST" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "client_id=<client id>&client_secret=<client secret>&grant_type=client_credentials&scope=bucket:create%20bucket:read%20data:write"