I don’t find the scopes for Responses API when setting up a “restricted” API key. I tried creating a key and toggled on all individual scopes but it does not work:
You have insufficient permissions for this operation. Missing scopes: api.responses.read, api.responses.write
However i can create a API key that is not restricted to scopes, with “all” scopes and then it works. Is this how it’ supposed to be?
Welcome to the dev forum @herman6
Forwarded to the OpenAI team. Thanks for reporting the issue.
I’m also struggling with this. I’m trying to set up a very restricted key for use with a GitHub System Test action. I keep getting en error about missing the model.request scope.
Hi and welcome to the community!
Users can belong to an organization and to one or more projects, each with its own roles and permissions. It is possible these have been mixed up, and the user trying to create the API key is missing the required permissions at the organization level or the project level.
I recommend double-checking these settings by making simple curl calls to the API to inspect the users and their assigned roles.
@Richard_Corfield @vb I’ve been at this for a couple hours today. I think this boils down to poor UX design by OpenAI here.
You MUST first set “Model Capabilities” to “Request”. I was just expanding it and enabling “v1/responses” and getting the same scope error.
Model Capabilities is its own permission, despite changing to show “Mixed”. Very confusing design.
Heres an example where its indistinguishable what the permissions are as it ends up showing “Mixed”:
@Joe_Jankowiak
Thanks for the ping. I was following your other topic and it reminded me of this one.
I will put together a write-up and share it with the team. Permission management is important, and there is clear room for improvement here.
Perfect thank you for helping get this in front of the right people! I also have a case number 04615183 which I’ve shared some videos and additional information on if you want to include that with your write up.
