When attempting to reset password flow we see an error about manage_customers

commercetools / sunrise-spa

SUNRISE shop template as a single-page application

https://sunrise-spa.now.sh

Apache License 2.0

51 stars 78 forks source link

When attempting to reset password flow we see an error about manage_customers #267

Closed paulcrussell closed 2 years ago

paulcrussell commented 2 years ago

Its a 403 response with the following

{ "statusCode": 403, "message": "Insufficient scope. One of the following scopes is missing: manage_customers.", "errors": [ { "code": "insufficient_scope", "message": "Insufficient scope. One of the following scopes is missing: manage_customers." } ], "error": "insufficient_scope", "error_description": "Insufficient scope. One of the following scopes is missing: manage_customers." }

harm-meijer commented 2 years ago

Normally the reset password logic should be implemented on your server but in the demo it is done in client side code. The scope for client side does not include manage_customers because that would enable anyone to change anyones account. You can add manage_customers scope when you create the api client.

More info on how the reset password works can be found here