Symptoms
AccountAdd_API or PlaceOrderAndAuthorize_API fail with "Access Denied" exception.
Cause
There are several possible reason for such issue:
- The user under which API call is made does not have the required privilege in his role (e.g.
ACCOUNTS_CREATE_MODIFY
for AccountAdd_API). - The user under which API call is made is not a staff member of the
VendorAccountID
specified in the call (e.g. the resellers staff member attempts to create an account/order for the provider). - Incorrect call structure, for example, the first optional parameter
AccountID
is passed asint
and the system considers this parameter as aVendorAccountID
. As a result the system checks if the user under which the call is made is a staff member of thisVendorAccountID
and it results inAccess Denied
.
Resolution
- Either add a privilege to the role or use a different user.
- User a vendors staff member to execute a call.
- Correct the structure according to the documentation, AccountID is to be passed as string, e.g.
<value>AccountID=100025689</value>
.