ESI error: token not valid for scope

I am working on a Java ESI client application using the library published on GitHub (net.troja.eve.esi) in v4.1.0. I can connect to ESI, generate the access credentials and successfully execute calls that do not need scope access. However, whenever I try to access a protected endpoint (like read character location) I get the error that the token is not valid for the requested scope. My application definition contains the requested scope, but somehow the backend does not recognize that.
What does not seem to work properly is the authentication process when I generate the refresh token. Although I have added several scopes to the list in the application definition, I am not requested to confirm these scopes when I login and generate the intermediate value to get a token.
What am I getting wrong?

Without example code/errors it’s almost impossible to say. It’d suggest reading OAuth 2.0 for Web Based Applications | esi-docs and making sure you/your library is following each step correctly.

Possibly could go thru the process manually to get familiar with it in order to figure out what part things are breaking down.

Checking the URL that was called to generate the token helped. It did not contain the scopes, because they had to be added explicitly in the code that constructs the URL. I was not aware that the scopes are taken from the local parameters and not from the ones that are defined in the application definition on the CCP website.
Anyway, thanks for the reply, got me on the right track.

The ones defined in the application definition are what the application is allowed to request.

Bear in mind that you can change the definition after tokens are created. This doesn’t magically give you the new scopes on the old tokens.

If you need additional help with this, please make an issue on GitHub. We do not provide help on this forum. Be sure to include your own code, so, we can get an idea of what you’re doing wrong.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.