Unable to edit parent profile

One of our parents has changed email addresses, and in the past I had been able to edit the profile to update the information. But now when I click the “Edit Profile” link (which takes me into IA), I get “Error: logged-in user does not have access to this API”.

BUT: there are some parents’ profiles that I can see when I click on Edit Profile (and I assume I could edit, if needed.) There are others for which I get the error.

I have Key 3 delegate access, I’m really not sure why I’m getting this error.

Thanks in advance.

@JeffreyCieslak try Shift + refresh

I had very high hopes for this solution, but no luck. I did shift+refresh, also cleared the cache, to no effect.

It’s not an emergency, the user was able to make the changes themselves this time.

@DonovanMcNeil I came here to report this same problem, so it’s not a local cache issue. I’m unable (as a Key 3) to view/edit the profile for any parents in my Roster

I can so I imagine it is cache - try an Incognito window

Hi, @DonovanMcNeil,

As a Key 3 Delegate (selected in IA role pulldown menu), I’m also unable to view or edit the profile data for non-scouter parents, independent of having hard reloaded and/or clearing cache. I can update the data for registered leaders or youth, but not for any of our non-registered parents.

I’ve tried (both in a regular window and an incognito window, Firefox & Chrome, with and without clearing cache):

  • Starting from Scoutbook and clicking on the parent’s Edit Profile
  • Starting with IA2 login, then connecting to Scoutbook, then clicking on the parent’s Edit Profile

If it helps with localizing the issue, I get a series of three back-to-back pop-up error messages saying “Error. Logged in user does not have access to this API”. I am left with a blank profile data page with a DOB equal to the current date.

Interestingly, when I first login directly to IA2, I get one “User not authorized” pop-up error, although the roster eventually presents itself as usual and my K3D “profile” is shown in the dropdown.

ETA: I also tried clicking on a parent that is listed under the scout’s profile in IA2 (all of the ones I had tried before were not listed). I got one instance of the error message and then the “blank” profile.

Scoutbook doesn’t like my browser, so I have to use an Incognito window every time.

What Browsers are you using and can any of you jump on a screenshare to see? Developers cannot reproduce

Hi, @DonovanMcNeil,

Firefox 112.0.2 and Chrome 112.0.5615.138, both on Windows. Lemme see if I can break loose for a bit for a screenshare.

Or just use developer tools and network to see what is in Red or failing - I think it will be PersonProfile with a 401

Wow…it’s something of a soup sandwich. It’s showing 99+ errors in the count.

All URLs below manually broken between https and the colon to force it to render.

Dozens of 403 errors on images(?), generally of the form:

exemplar 403 errors:
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/goldarrowpoint100.png
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/pins/canoecamping100.png
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/medals/denali100.png
GET https ://d1kn0x9vzr5n76.cloudfront.net/images/awards/pins/basketball100.png


I finally managed to find the 401 errors in the soup:

GET https ://advancements.scouting.org/apis/esb/persons/v2/2208377/personprofile
GET https ://advancements.scouting.org/apis/esb/persons/v2/104467/personprofile
GET https ://advancements.scouting.org/apis/esb/persons/v2/C66C2469-6C19-4D83-8D60-0221ADCB7A00/personprofile

Looks like the policy trigger for all of the 401 errors is “strict-origin-when-cross-origin” For reference, that’s the same complaint about the 403 graphics I noted above.

@CharleyHamilton can you grab the CURL?

Exposing my ignorance here, but where is that listed? :^P

ETA: Is this what you were looking for:

https ://advancements.scouting.org/vendors.95f222a024577bb8572b.js

I have to poke around to find it - maybe what you provided is enough

usually I click error and there is a dropdown and you can save CURL I think

Hrm…dropdown in Firefox isn’t offering CURL.

Any of those look promising?

ETA: It’s interesting (to me) that it looks like the menu is offering some options twice…

curl “Internet Advancement” ^
-H “sec-ch-ua: ^^“Chromium^^”;v=^^“112^^”, ^^“Brave^^”;v=^^“112^^”, ^^“Not:A-Brand^^”;v=^^“99^^”” ^
-H “sec-ch-ua-mobile: ?0” ^
-H “User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36” ^
-H “Authorization: bearer removed” ^
-H “Content-Type: application/json” ^
-H “Accept: application/json” ^
-H “Referer: Internet Advancement” ^
-H “x-target-url: https://api.scouting.org/persons/v2/11719434/personprofile” ^
-H “sec-ch-ua-platform: ^^“Windows^^”” ^

Developers want to know if this for ALL Parents or just some parents in Unit?

OK. I know it was happening for all of the non-scouter parents I tried, but i definitely didn’t try them all. I’m kinda buried today, but I’ll see if I can break off some time to wade through them in one go.

Well they have seen some fail just trying to figure out if all are effected

1 Like