Forum Stats

  • 3,872,094 Users
  • 2,266,378 Discussions


How to overcome IAM-3054140 error encountered in REST calls

Ben Allen
Ben Allen Member Posts: 2 Green Ribbon

I am submitting a GET call to our OIM endpoint which is supposed to search all users for anybody with a mail value set to '[email protected]' but I'm getting a 401 Unauthorized response with the message,

"IAM-3054140 : You do not have permission to search the following user attributes: mail."

I'd created an admin user for the application I created for use in authorization of these calls and guessed that the permissions of that account may be insufficient, even though they've worked in all other calls. I tried changing them to the xelsysadm user, but it still kicks back the same error.

The URI of my request winds up looking like this: /iam/governance/selfservice/api/v1/users/?q=mail%20eq%20%[email protected]%27

I also tried changing the query from mail to userName, uid, and Last Name and the result is the same.

I can provide a full call if that would help, or if there's anything else I can provide that would help, please let me know.

Also, for clarification, I'm attempting to lookup the usrKey value of a user account using their User Id or email address. I'd provided a SCIM call for this purpose that works better, but that's encountering a CORS issue for the project team that doesn't make any sense and that I cannot overcome.