I created a small program that helps identify orders in Demandware that have the wrong status, for example: (status: new, open, completed and delivery status: not sent, sent).
I just use order_search from OCAPI and compare the results with our ERP.
However, now I want to automate some status fixing, which will require me to use the calls / orders / {order_no} GET and PATCH, however when I do this, I get the following message:
{ type: 'AccessWithoutUserForbiddenException', message: 'An authenticated user is required in order to access resource.' }
According to the docs, the OAUTH for order_search uses: “Authentication through the OAuth token.”, However orders / {order_no} use: “Authentication through the OAuth token. A valid user is required.”
So, what would be the right strategy for becoming a valid user?
source share