Using API key to archive transactions
Thursday, August 27, 2020 at 09:48pmWe are having issues using the API key to archive messages. We are getting a 403 error.
I removed the URL/and package number, but you can see the error below.
com.silanis.esl.sdk.internal.EslServerException: Unable to archive the package. Exception: HTTP POST on URI URL resulted in response with status code: [403, Forbidden]. Optional details: {"messageKey":"error.forbidden.cannotEditDeletePkg","technical":"user: xICItGelM4o6 does not have EDIT/DELETE access to package: ####","message":"Cannot edit or delete package.","code":403,"name":"Access Denied"}
Same API key works fine to generate a transaction.
Reply to: Using API key to archive transactions
Friday, August 28, 2020 at 08:53amHi Lance,
Can you share the package ID and the environment you are developing with? I'd like to check your account settings like whether you've enabled subaccount, and learn about the relationship between this package and the API Key holder (sender ID of xICItGelM4o6) to see why the API returned the non access error.
Duo
Reply to: Hi Lance, Can you share…
Friday, August 28, 2020 at 08:55amIt is a subaccount.
Package - https://sandbox.esignlive.com/api/packages/ZJ0IYaya7-VYkWbmmkfNouyh8zA=
Reply to: Using API key to archive transactions
Friday, August 28, 2020 at 12:29pmHi Lance,
After a quick check with support team, this package "ZJ0IYaya7-VYkWbmmkfNouyh8zA=" is created by sender whose email starting with dev4 and being the owner of a L1 subaccount "DEV4 Admin". However, API Key holder dev5 is the owner of another L1 subaccount "DEV5 Admin".
Because Roles&Permission and Subaccount are still evolving features, for the current implementation, it's suggested to create and management transaction (build signing link, download, manipulate status and so on) with the sender him/herself API Key/Token.
Duo
Reply to: Using API key to archive transactions
Friday, August 28, 2020 at 12:50pmThanks, I will contact the developer on our side. Sounds like a mistake.