Skip to main content

Had configured our app to create boards from other boards (by copying them), and suddenly it stop working
This is our flow, we call : "https://api.miro.com/v1/oauth/token?grant_type=authorization_code"
Then we call:
url = URI("https://api.miro.com/v2/boards?copy_from=#{template_id}")
And we are getting this error

"Full body {\"type\"=>\"error\", \"code\"=>\"4.0602\", \"context\"=>{\"boardId\"=>\"xxxxx=\"}, \"message\"=>\"Insufficient permissions to perform operation. Please check the permissions or contact support\", \"status\"=>403}"

Permissions have not been changed in months

App has permissions to read / write and original board has view permissions for every one, this error started appearing jus a few weeks ago.

Hey @Carlos López,

Thanks for reaching out about this. If you haven’t made any changes on your end, I agree that it seems strange. Have you tried regenerating the access_token you’re using by chance?

If you’ve already tried this, can I kindly ask that you open up a request with our Support team and share the full details of the board IDs with them? They should be able to take a closer look at the boards and further investigate why you’re getting a permissions error.

Thanks!

We haven’t regenerated the access token, because this works within our team, it’s user outside our team that are having problems, but that did not happen before.

Already opened a request with support, thank you.

 

Hello Carlos,
I was wondering if there have been any updates regarding this issue. Have you been able to identify the root cause? I encountered a similar situation and would greatly appreciate any insights you might have gained.

Thanks in advanced!

Hey, this was definitely something super hard to track.


It ended up being a combination of three things:

  • The security configuration of the Team Profile inside MIRO
  • The sharing settings on a board to be copied
  • The Sharing Policy access on the api call


So those three have to have a specific configuration, to find yours I suggest you play with them, but on our side this was the combination that worked:


On Team Profile under Permissions go to Content Security:
 

 
On the board that you want to copy from, make sure that the sharing option is set to anyone with the link can view:
 

 

And in your integration code, make sure when you create the board, you set the Sharing Policy access to private:

    request.body = "{\"name\":\"new board name\",

                    \"sharingPolicy\":{

                      \"acess\":\"private\",

                      \"teamAccess\":\"edit\"

                    },

                    \"permissionsPolicy\":{

                      \"copyAccessLevel\":\"anyone\"

                    }

                  }"

 

Hope this helps, this was a big headache for us.

Thank you very much for the answer, it looks like everything is working for the client now!

Reply


Terms & Conditions