One of our parents has changed email addresses, and in the past I had been able to edit the profile to update the information. But now when I click the “Edit Profile” link (which takes me into IA), I get “Error: logged-in user does not have access to this API”.
BUT: there are some parents’ profiles that I can see when I click on Edit Profile (and I assume I could edit, if needed.) There are others for which I get the error.
I have Key 3 delegate access, I’m really not sure why I’m getting this error.
Thanks in advance.
@JeffreyCieslak try Shift + refresh
I had very high hopes for this solution, but no luck. I did shift+refresh, also cleared the cache, to no effect.
It’s not an emergency, the user was able to make the changes themselves this time.
@DonovanMcNeil I came here to report this same problem, so it’s not a local cache issue. I’m unable (as a Key 3) to view/edit the profile for any parents in my Roster
I can so I imagine it is cache - try an Incognito window
As a Key 3 Delegate (selected in IA role pulldown menu), I’m also unable to view or edit the profile data for non-scouter parents, independent of having hard reloaded and/or clearing cache. I can update the data for registered leaders or youth, but not for any of our non-registered parents.
I’ve tried (both in a regular window and an incognito window, Firefox & Chrome, with and without clearing cache):
- Starting from Scoutbook and clicking on the parent’s Edit Profile
- Starting with IA2 login, then connecting to Scoutbook, then clicking on the parent’s Edit Profile
If it helps with localizing the issue, I get a series of three back-to-back pop-up error messages saying “Error. Logged in user does not have access to this API”. I am left with a blank profile data page with a DOB equal to the current date.
Interestingly, when I first login directly to IA2, I get one “User not authorized” pop-up error, although the roster eventually presents itself as usual and my K3D “profile” is shown in the dropdown.
ETA: I also tried clicking on a parent that is listed under the scout’s profile in IA2 (all of the ones I had tried before were not listed). I got one instance of the error message and then the “blank” profile.
Scoutbook doesn’t like my browser, so I have to use an Incognito window every time.
What Browsers are you using and can any of you jump on a screenshare to see? Developers cannot reproduce
Firefox 112.0.2 and Chrome 112.0.5615.138, both on Windows. Lemme see if I can break loose for a bit for a screenshare.
Or just use developer tools and network to see what is in Red or failing - I think it will be PersonProfile with a 401
Wow…it’s something of a soup sandwich. It’s showing 99+ errors in the count.
All URLs below manually broken between https and the colon to force it to render.
Dozens of 403 errors on images(?), generally of the form:
exemplar 403 errors:
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/goldarrowpoint100.png
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/pins/canoecamping100.png
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/medals/denali100.png
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/pins/basketball100.png
I finally managed to find the 401 errors in the soup:
GET https ://advancements.scouting.org/apis/esb/persons/v2/2208377/personprofile
GET https ://advancements.scouting.org/apis/esb/persons/v2/104467/personprofile
GET https ://advancements.scouting.org/apis/esb/persons/v2/C66C2469-6C19-4D83-8D60-0221ADCB7A00/personprofile
Looks like the policy trigger for all of the 401 errors is “strict-origin-when-cross-origin” For reference, that’s the same complaint about the 403 graphics I noted above.
@CharleyHamilton can you grab the CURL?
Exposing my ignorance here, but where is that listed? :^P
ETA: Is this what you were looking for:
I have to poke around to find it - maybe what you provided is enough
usually I click error and there is a dropdown and you can save CURL I think
Hrm…dropdown in Firefox isn’t offering CURL.
Any of those look promising?
ETA: It’s interesting (to me) that it looks like the menu is offering some options twice…
curl “Internet Advancement” ^
-H “sec-ch-ua: ^^“Chromium^^”;v=^^“112^^”, ^^“Brave^^”;v=^^“112^^”, ^^“Not:A-Brand^^”;v=^^“99^^”” ^
-H “sec-ch-ua-mobile: ?0” ^
-H “User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/22.214.171.124 Safari/537.36” ^
-H “Authorization: bearer
-H “Content-Type: application/json” ^
-H “Accept: application/json” ^
-H “Referer: Internet Advancement” ^
-H “x-target-url: https://api.scouting.org/persons/v2/11719434/personprofile” ^
-H “sec-ch-ua-platform: ^^“Windows^^”” ^
Developers want to know if this for ALL Parents or just some parents in Unit?
OK. I know it was happening for all of the non-scouter parents I tried, but i definitely didn’t try them all. I’m kinda buried today, but I’ll see if I can break off some time to wade through them in one go.
Well they have seen some fail just trying to figure out if all are effected