Skip to content

Add notebooks_read and notebooks_write to OAuth2 scopes #152

New issue
New issue
Closed
Task
Closed
Add notebooks_read and notebooks_write to OAuth2 scopes#152
Task
Labels
product:dashboards
@trancodyy

Description

@trancodyy
trancodyy
opened on Mar 3, 2026

Summary

pup notebooks get/list/update commands fail with 403 Forbidden when using OAuth2 authentication because notebooks_read and notebooks_write are not included in the hardcoded OAuth2 scope list.

Steps to reproduce

  1. pup auth login (authenticate via OAuth2)
  2. pup notebooks get <notebook_id>

Expected behavior

Notebook is returned successfully.

Actual behavior

Error: failed to get notebook: ResponseError(ResponseContent { status: 403, content: "{\"errors\":[\"Forbidden\",\"Failed permission authorization checks\"]}" })

Root cause

The OAuth2 scope list in the binary includes scopes for dashboards, monitors, logs, metrics, etc., but does not include notebooks_read or notebooks_write. The pup notebooks subcommands exist but are unusable with OAuth2 auth.

Suggested fix

Add notebooks_read and notebooks_write to the OAuth2 scope request in the auth login flow.

Environment

  • pup version: 0.25.0
  • Platform: macOS (arm64)

Metadata

Metadata

Assignees

No one assigned

    Labels

    product:dashboards

    Type

    Task

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions