403 Auth forbidden to assets endpoint

I have a token and have validated that the JWT has the scope to read assets. The image below shows it in the response after validating the token.

has-assets-permission

I am able to access the characters endpoint and get character data back, but the assets one is giving me this 403 with the same token.

URL I’m using is https://esi.evetech.net/v5/characters/CHARACTER_ID/assets/.

Is there something I’m missing about the assets endpoint specifically?

I’ve compared the request headers for both the characters endpoint and the assets endpoint and they are identical aside from the “:path” header. Which is as it should be as far as I know.

Looks like all protected endpoints under character don’t work for me. The notifications endpoint also returns a 403.

My guess is that you’re using a token that has all scopes. Tokens over 4096 bytes long won’t be accepted: Authorization failure when token is too long · Issue #1089 · esi/esi-issues · GitHub

Best practice is to just request the scopes you need. Alternative is to ignore just the scopes that do nothing, which will bring your token length to just under 4096:

        //'publicData', // irrelevant
        //'esi-wallet.read_corporation_wallet.v1', // invalid
        //'esi-bookmarks.read_character_bookmarks.v1', // bookmarks api doesnt work
        //'esi-characters.read_chat_channels.v1', // there is no chat api
        //'esi-bookmarks.read_corporation_bookmarks.v1', // bookmarks api doesnt work

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.