Problem statement
When calling the Get branding endpoint the following error is returned: “Insufficient scope, expected any of: read:branding”.
Solution
The access token being used by the Management API must include the read:branding
scope. To do this, specify the scope when requesting the access token for the management API, e.g.:
curl --request POST \
--url 'https://{yourDomain}/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data 'client_id={yourClientId}' \
--data 'client_secret={yourClientSecret}' \
--data 'audience=https://{yourDomain}/api/v2/' \
--data 'scope=read:branding'
It is also possible to include any other scopes that may be required for other endpoints and separate them with a space, e.g.:
curl --request POST \
--url 'https://{yourDomain}/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data 'client_id={yourClientId}' \
--data 'client_secret={yourClientSecret}' \
--data 'audience=https://{yourDomain}/api/v2/' \
--data 'scope=read:branding update:branding'