question

tombialy avatar image
tombialy asked claper87 commented

"Invalid permissions for expandable fields." when sending payments

What could be causing the error when we process payment? We noticed that changing app permission on non-payment objects has some impact on when the error occurs.


Request [POST:https://scl-sandbox.dev.clover.com/v1/orders/V****G/pay] 
 Payload:{"source":"clv_1*****7”}
 HTTP Header:
   [authorization] : [Bearer 8********9]
   [content-type] : [application/json]
   [accept] : [application/json]
 Response[403]: {
  "message" : "403 Forbidden",
  "error" : {
    "code" : "processing_error",
    "message" : "Invalid permissions for expandable fields."
  }
}


REST API
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

David Marginian avatar image
David Marginian Deactivated answered claper87 commented

The orders/pay endpoint requires read permission on customer, inventory, and order. Is that what you mean by non payment objects? https://docs.clover.com/docs/ecommerce-app-permissions

5 comments
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

claper87 avatar image claper87 commented ·

Hi David, quick question: I've changed my clover app permission and they have been approved. Is there an extra step that needs to happen to "publish" these changes to my subscribers?

0 Likes 0 ·
David Marginian avatar image David Marginian ♦♦ claper87 commented ·

Once we approve the changes you need to publish them, then your merchants will need to uninstall/reinstall your app and you will need to obtain a new access token.

0 Likes 0 ·
claper87 avatar image claper87 David Marginian ♦♦ commented ·

Woah! thank you for the prompt reply. I thought so... but then the "Publish changes" button appears disabled. Here's a screenshot:
1624976768824.png

0 Likes 0 ·
1624976768824.png (93.6 KiB)
Show more comments
tombialy avatar image
tombialy answered David Marginian Deactivated commented

Indeed. We have been working to minimize set of permissions that our app requires and noticed that lack of some permissions impacted payments. And you were correct, we had customer read missing. Thanks.

1 comment
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

David Marginian avatar image David Marginian ♦♦ commented ·

The customer read requirement is a bit unclear from our docs. I will let the doc team know.

1 Like 1 ·

Welcome to the
Clover Developer Community