queryFilter IDM 403 No Matching Privilege Found

I created a new internal role to allow users to be able to run searches via the API against themselves along with roles / applications in IDM. When doing a search against the role or applications object, if I do a direct search using the /managed/<role|application>/ I get a return. But when I run a search against the object with a queryFilter parameter, I get an error with 403, unauthorized, no matching privilege found. Is there a specific privilege that is needed to allow an API request to use the queryFilter parameter?


Does the queryFilter refer to an attribute that’s not readable by the role’s permissions?

I ended up figuring out what this was, but thanks for the response. It had to do with the _id attribute not being in the list of available / read attributes so had to patch the to allow it.
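Added example, not part of the thread and not IDM's own code: a small Python check for the condition the thread ends on, listing the fields a queryFilter references that a privilege does not expose as readable. The privilege layout (an `accessFlags` list of `attribute` / `readOnly` entries), the sample privilege, and the simplified filter parsing are assumptions made for illustration.

```python
import re

# Constructed sample privilege (assumed layout): only "name" and
# "description" are readable, "_id" is not listed.
SAMPLE_PRIVILEGE = {
    "name": "read-roles",
    "path": "managed/role",
    "permissions": ["VIEW"],
    "accessFlags": [
        {"attribute": "name", "readOnly": True},
        {"attribute": "description", "readOnly": True},
    ],
}

# Quoted values are blanked first so operators inside strings are ignored.
_QUOTED = re.compile(r'"(?:\\.|[^"\\])*"' + "|" + r"'(?:\\.|[^'\\])*'")
# A field is the token immediately before a comparison or presence operator.
_FIELD = re.compile(r"(/?[A-Za-z_][\w/]*)\s+(?:eq|co|sw|lt|le|gt|ge|pr)\b")


def filter_fields(query_filter):
    """Return the top-level attribute names referenced by a queryFilter."""
    stripped = _QUOTED.sub('""', query_filter)
    # "/_id" and "_id" name the same field; "manager/_ref" is treated as
    # a reference to the top-level "manager" attribute (assumption).
    return {m.group(1).lstrip("/").split("/")[0]
            for m in _FIELD.finditer(stripped)}


def readable_attributes(privilege):
    """Attributes the privilege lists, whether read-only or writable."""
    return {flag["attribute"] for flag in privilege.get("accessFlags", [])}


def unreadable_filter_fields(privilege, query_filter):
    """Filter fields missing from the privilege's readable attributes."""
    return sorted(filter_fields(query_filter) - readable_attributes(privilege))


if __name__ == "__main__":
    query = '_id eq "abc" and name sw "adm"'  # constructed sample filter
    print(unreadable_filter_fields(SAMPLE_PRIVILEGE, query))
```

A non-empty result names the attributes to review in the privilege before granting the role; adding an attribute widens what the role can read, so add only what the search needs.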


