getTransaction and updateTransaction REST Calls No Longer Working
(Doc ID 2551863.1)
Last updated on DECEMBER 15, 2019
Applies to:Oracle BigMachines CPQ Cloud Service - Version 18 C to 19 A Patch 2 [Release 18 to 19]
Information in this document applies to any platform.
If a self-REST call is done from BML without authorization, the getTransaction REST call is executed as user system_user_cpq_server_as_client (and not as the user running the BML). This is a system user which is not visible in the user list anymore, but you can still see the logins in the user login history. Even though this is a system user, the logic of transaction access still applies. This means, the getTransaction for an individual transaction or a getTransaction list REST will only return transactions which this system user has the permission to see.
Also, updateTransaction REST calls without authorization use this system user which means they can also fail with 403 error, if this user does not have permission to perform the action on the transaction.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document