Error in ComputeEx Uphold when committing a transaction

[TarunBaur]

2020-07-27T14:27:08.853717+00:00 app[web.1]: commit-tx error ForbiddenError: forbidden
2020-07-27T14:27:08.853719+00:00 app[web.1]: at createError (/app/node_modules/@uphold/uphold-sdk-javascript/dist/core/utils/error-factory.js:20:14)
2020-07-27T14:27:08.853719+00:00 app[web.1]: at /app/node_modules/@uphold/uphold-sdk-javascript/dist/node/services/request-client.js:31:167
2020-07-27T14:27:08.853720+00:00 app[web.1]: at tryCatcher (/app/node_modules/bluebird/js/release/util.js:16:23)
2020-07-27T14:27:08.853720+00:00 app[web.1]: at Promise._settlePromiseFromHandler (/app/node_modules/bluebird/js/release/promise.js:547:31)
2020-07-27T14:27:08.853721+00:00 app[web.1]: at Promise._settlePromise (/app/node_modules/bluebird/js/release/promise.js:604:18)
2020-07-27T14:27:08.853721+00:00 app[web.1]: at Promise._settlePromise0 (/app/node_modules/bluebird/js/release/promise.js:649:10)
2020-07-27T14:27:08.853722+00:00 app[web.1]: at Promise._settlePromises (/app/node_modules/bluebird/js/release/promise.js:725:18)
2020-07-27T14:27:08.853722+00:00 app[web.1]: at _drainQueueStep (/app/node_modules/bluebird/js/release/async.js:93:12)
2020-07-27T14:27:08.853723+00:00 app[web.1]: at _drainQueue (/app/node_modules/bluebird/js/release/async.js:86:9)
2020-07-27T14:27:08.853723+00:00 app[web.1]: at Async._drainQueues (/app/node_modules/bluebird/js/release/async.js:102:5)
2020-07-27T14:27:08.853724+00:00 app[web.1]: at Immediate.Async.drainQueues (/app/node_modules/bluebird/js/release/async.js:15:14)
2020-07-27T14:27:08.853724+00:00 app[web.1]: at processImmediate (internal/timers.js:456:21) {
2020-07-27T14:27:08.853725+00:00 app[web.1]: body: { code: 'forbidden', message: 'Forbidden' },
2020-07-27T14:27:08.853726+00:00 app[web.1]: headers: {
2020-07-27T14:27:08.853726+00:00 app[web.1]: date: 'Mon, 27 Jul 2020 14:27:08 GMT',
2020-07-27T14:27:08.853728+00:00 app[web.1]: 'content-type': 'application/json; charset=utf-8',
2020-07-27T14:27:08.853729+00:00 app[web.1]: 'content-length': '42',
2020-07-27T14:27:08.853730+00:00 app[web.1]: connection: 'close',
2020-07-27T14:27:08.853730+00:00 app[web.1]: 'set-cookie': [
2020-07-27T14:27:08.853732+00:00 app[web.1]: '__cfduid=de251a59f6498fef125306182ba09a8dd1595860028; expires=Wed, 26-Aug-20 14:27:08 GMT; path=/; domain=.uphold.com; HttpOnly; SameSite=Lax; Secure'
2020-07-27T14:27:08.853733+00:00 app[web.1]: ],
2020-07-27T14:27:08.853733+00:00 app[web.1]: 'content-security-policy': 'default-src "none"',
2020-07-27T14:27:08.853734+00:00 app[web.1]: 'x-content-security-policy': 'default-src "none"',
2020-07-27T14:27:08.853734+00:00 app[web.1]: 'x-webkit-csp': 'default-src "none"',
2020-07-27T14:27:08.853734+00:00 app[web.1]: 'strict-transport-security': 'max-age=31536000; includeSubDomains',
2020-07-27T14:27:08.853735+00:00 app[web.1]: 'x-xss-protection': '1; mode=block',
2020-07-27T14:27:08.853735+00:00 app[web.1]: 'x-content-type-options': 'nosniff',
2020-07-27T14:27:08.853736+00:00 app[web.1]: 'x-frame-options': 'DENY',
2020-07-27T14:27:08.853736+00:00 app[web.1]: 'expect-ct': 'max-age=0, report-uri="https://uphold.report-uri.com/r/d/ct/reportOnly"',
2020-07-27T14:27:08.853736+00:00 app[web.1]: 'expect-staple': 'max-age=0; report-uri="https://uphold.report-uri.com/r/d/staple/reportOnly"',
2020-07-27T14:27:08.853737+00:00 app[web.1]: 'request-id': '5b970a1aeee8c19d-IAD',
2020-07-27T14:27:08.853737+00:00 app[web.1]: vary: 'Origin',
2020-07-27T14:27:08.853738+00:00 app[web.1]: 'rate-limit-remaining': '490',
2020-07-27T14:27:08.853738+00:00 app[web.1]: 'rate-limit-reset': '1595860036',
2020-07-27T14:27:08.853738+00:00 app[web.1]: 'rate-limit-total': '500',
2020-07-27T14:27:08.853739+00:00 app[web.1]: 'x-accepted-oauth-scopes': 'transactions:transfer:others transactions:write',
2020-07-27T14:27:08.853740+00:00 app[web.1]: 'x-oauth-scopes': 'accounts:read cards:read cards:write transactions:deposit transactions:read transactions:transfer:application transactions:transfer:others transactions:commit:otp user:read',
2020-07-27T14:27:08.853741+00:00 app[web.1]: 'cf-cache-status': 'DYNAMIC',
2020-07-27T14:27:08.853741+00:00 app[web.1]: 'cf-request-id': '043244a4d50000c19d5508a200000001',
2020-07-27T14:27:08.853741+00:00 app[web.1]: server: 'cloudflare',
2020-07-27T14:27:08.853742+00:00 app[web.1]: 'cf-ray': '5b970a1aeee8c19d-IAD',
2020-07-27T14:27:08.853742+00:00 app[web.1]: 'alt-svc': 'h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400'
2020-07-27T14:27:08.853743+00:00 app[web.1]: },
2020-07-27T14:27:08.853743+00:00 app[web.1]: status: 403,
2020-07-27T14:27:08.853743+00:00 app[web.1]: response: StatusCodeError: 403 - "{\"code\":\"forbidden\",\"message\":\"Forbidden\"}"
2020-07-27T14:27:08.853744+00:00 app[web.1]: at new StatusCodeError (/app/node_modules/request-promise-core/lib/errors.js:32:15)
2020-07-27T14:27:08.853744+00:00 app[web.1]: at Request.plumbing.callback (/app/node_modules/request-promise-core/lib/plumbing.js:104:33)
2020-07-27T14:27:08.853745+00:00 app[web.1]: at Request.RP$callback [as _callback] (/app/node_modules/request-promise-core/lib/plumbing.js:46:31)
2020-07-27T14:27:08.853745+00:00 app[web.1]: at Request.self.callback (/app/node_modules/request/request.js:185:22)
2020-07-27T14:27:08.853745+00:00 app[web.1]: at Request.emit (events.js:315:20)
2020-07-27T14:27:08.853746+00:00 app[web.1]: at Request.<anonymous> (/app/node_modules/request/request.js:1161:10)
2020-07-27T14:27:08.853746+00:00 app[web.1]: at Request.emit (events.js:315:20)
2020-07-27T14:27:08.853747+00:00 app[web.1]: at IncomingMessage.<anonymous> (/app/node_modules/request/request.js:1083:12)
2020-07-27T14:27:08.853747+00:00 app[web.1]: at Object.onceWrapper (events.js:421:28)
2020-07-27T14:27:08.853748+00:00 app[web.1]: at IncomingMessage.emit (events.js:327:22)
2020-07-27T14:27:08.853748+00:00 app[web.1]: at endReadableNT (_stream_readable.js:1221:12)
2020-07-27T14:27:08.853749+00:00 app[web.1]: at processTicksAndRejections (internal/process/task_queues.js:84:21) {
2020-07-27T14:27:08.853749+00:00 app[web.1]: statusCode: 403,
2020-07-27T14:27:08.853749+00:00 app[web.1]: error: '{"code":"forbidden","message":"Forbidden"}',
2020-07-27T14:27:08.853750+00:00 app[web.1]: options: {
2020-07-27T14:27:08.853750+00:00 app[web.1]: body: '{"message":"Buy BTC"}',
2020-07-27T14:27:08.853751+00:00 app[web.1]: method: 'POST',
2020-07-27T14:27:08.853751+00:00 app[web.1]: headers: [Object],
2020-07-27T14:27:08.853752+00:00 app[web.1]: resolveWithFullResponse: true,
2020-07-27T14:27:08.853752+00:00 app[web.1]: strictSSL: false,
2020-07-27T14:27:08.853753+00:00 app[web.1]: url: 'https://api.uphold.com/v0/me/cards/7a17cc18-63f1-44c2-87d4-7ded584c5557/transactions/58a3499a-f473-481a-9b67-bba83cc4d1cc/commit',
2020-07-27T14:27:08.853753+00:00 app[web.1]: callback: [Function: RP$callback],
2020-07-27T14:27:08.853754+00:00 app[web.1]: transform: undefined,
2020-07-27T14:27:08.853762+00:00 app[web.1]: simple: true,
2020-07-27T14:27:08.853762+00:00 app[web.1]: transform2xxOnly: false
2020-07-27T14:27:08.853763+00:00 app[web.1]: },
2020-07-27T14:27:08.853763+00:00 app[web.1]: response: IncomingMessage {
2020-07-27T14:27:08.853764+00:00 app[web.1]: _readableState: [ReadableState],
2020-07-27T14:27:08.853764+00:00 app[web.1]: readable: false,
2020-07-27T14:27:08.853764+00:00 app[web.1]: _events: [Object: null prototype],
2020-07-27T14:27:08.853765+00:00 app[web.1]: _eventsCount: 4,
2020-07-27T14:27:08.853765+00:00 app[web.1]: _maxListeners: undefined,
2020-07-27T14:27:08.853766+00:00 app[web.1]: socket: [TLSSocket],
2020-07-27T14:27:08.853766+00:00 app[web.1]: connection: [TLSSocket],
2020-07-27T14:27:08.853766+00:00 app[web.1]: httpVersionMajor: 1,
2020-07-27T14:27:08.853767+00:00 app[web.1]: httpVersionMinor: 1,
2020-07-27T14:27:08.853768+00:00 app[web.1]: httpVersion: '1.1',
2020-07-27T14:27:08.853768+00:00 app[web.1]: complete: true,
2020-07-27T14:27:08.853768+00:00 app[web.1]: headers: [Object],
2020-07-27T14:27:08.853769+00:00 app[web.1]: rawHeaders: [Array],
2020-07-27T14:27:08.853769+00:00 app[web.1]: trailers: {},
2020-07-27T14:27:08.853770+00:00 app[web.1]: rawTrailers: [],
2020-07-27T14:27:08.853770+00:00 app[web.1]: aborted: false,
2020-07-27T14:27:08.853771+00:00 app[web.1]: upgrade: false,
2020-07-27T14:27:08.853771+00:00 app[web.1]: url: '',
2020-07-27T14:27:08.853772+00:00 app[web.1]: method: null,
2020-07-27T14:27:08.853772+00:00 app[web.1]: statusCode: 403,
2020-07-27T14:27:08.853772+00:00 app[web.1]: statusMessage: 'Forbidden',
2020-07-27T14:27:08.853773+00:00 app[web.1]: client: [TLSSocket],
2020-07-27T14:27:08.853773+00:00 app[web.1]: _consuming: true,
2020-07-27T14:27:08.853774+00:00 app[web.1]: _dumped: false,
2020-07-27T14:27:08.853774+00:00 app[web.1]: req: [ClientRequest],
2020-07-27T14:27:08.853775+00:00 app[web.1]: request: [Request],
2020-07-27T14:27:08.853775+00:00 app[web.1]: toJSON: [Function: responseToJSON],
2020-07-27T14:27:08.853776+00:00 app[web.1]: caseless: [Caseless],
2020-07-27T14:27:08.853776+00:00 app[web.1]: body: '{"code":"forbidden","message":"Forbidden"}',
2020-07-27T14:27:08.853777+00:00 app[web.1]: [Symbol(kCapture)]: false
2020-07-27T14:27:08.853777+00:00 app[web.1]: }
2020-07-27T14:27:08.853777+00:00 app[web.1]: }
2020-07-27T14:27:08.853778+00:00 app[web.1]: }

[zemse]

A quick look at the logs shows response from Uphold: { code: 'forbidden', message: 'Forbidden' } with status code 403 Forbidden.

• I've seen this exact error when price of crypto changes. This was confirmed previously when having a call with Uphold dev team. But this time it errors even when trying to commit instantly.
• ATM The exact code is working fine in the testnet. I'm not sure why this doesn't work with mainnet, might be any API scope issues.

[zemse]

I see the scopes: 'x-oauth-scopes': 'accounts:read cards:read cards:write transactions:deposit transactions:read transactions:transfer:application transactions:transfer:others transactions:commit:otp user:read',, it appears that transactions commit is included in the scope. But are the API keys allowed to use this scope?