I have access denied error when I run a code from my local environment but can run it on Codebook.

tserenbat.uyanga · January 23

I executed this code with the Desktop session, not on Codebook, but on a local Jupyter Notebook.

response = ld.content.pricing.Definition(

['EUR=', 'GBP=', 'JPY=', 'CAD='],

fields=['BID', 'ASK']

).get_data()

display(response.data.df)

result was like bellow

access denied. Scopes required to access the resource: [trapi.data.pricing.read]. Missing scopes: [trapi.data.pricing.read]. Contact LSEG to check your permissions.

On the other hand the code(Open a stream in snapshot mode) bellow was fine on Codebook.

# Define our Streaming Price object

non_streaming = ld.content.pricing.Definition(

['EUR=', 'GBP=', 'JPY=', 'CAD='],

fields=['BID', 'ASK']

).get_stream()

# We want to just snap the current prices, don't need updates

# Open the instrument in non-streaming mode

non_streaming.open(with_updates=False)

# Snapshot the prices at the time of the open() call

non_streaming.get_snapshot()

by setting with_updates=False, it would get not the stream but the snapshot data without using RDP Snapshot API with no license problem,

But the result of the above code on a local Jupyter Notebook was error like bellow;

ConnectionError Traceback (most recent call last)

Cell In[6], line 9

2 non_streaming = ld.content.pricing.Definition(

3 ['EUR=', 'GBP=', 'JPY=', 'CAD='],

4 fields=['BID', 'ASK']

5 ).get_stream()

7 # We want to just snap the current prices, don't need updates

8 # Open the instrument in non-streaming mode

----> 9 non_streaming.open(with_updates=False)

10 # Snapshot the prices at the time of the open() call

11 non_streaming.get_snapshot()

File xxxlib\site-packages\lseg\data\content\pricing\_stream_facade.py:115, in Stream.open(self, with_updates)

89 def open(self, with_updates: bool = True) -> "OpenState":

90 """

91 Opens the streaming connection to the Pricing data, and sends corresponding requests for all requested

92 instruments.

(...)

113 >>> stream.open()

114 """

--> 115 return super().open(with_updates=with_updates)

File xxxlib\site-packages\lseg\data\delivery\_stream\_basestream.py:71, in StreamOpenWithUpdatesMixin.open(self, with_updates)

69 def open(self, with_updates: bool = True) -> OpenState:

...

state : StreamCxnState.Disposed

subprotocol : tr_json2

is_auto_reconnect: True

can_reconnect : False

num_attempt : 0

As a result, both of them failed to run on the local Jupyter Notebook code. However, the second one (non-stream code) was successful on Codebook.

I have confirmed with the account manager that our license has sufficient privileges to run both the stream and snapshot code above, since my Workspace ID has the scope for "trapi.data.pricing.read".

I asked a similar question to Workspace's help and support, but the issue still remains unresolved.

Jirapongse · January 23

@tserenbat.uyanga

Thank you for reaching out to us.

The forum supports code block. For readability, you can add the code in the code block.

The error is quite obvious that it is a permission issue.

access denied. Scopes required to access the resource: [trapi.data.pricing.read]. Missing scopes: [trapi.data.pricing.read]. Contact LSEG to check your permissions.

You need to contact the product team to confirm it.

To get the snapshot of data, you can try the get_data method instead.

ld.get_data(
    universe=['EUR=', 'GBP=', 'JPY=', 'CAD='],
    fields=["BID","ASK"]
)

To verify the problem, please enable the debug log in the library by running the following code before openning a session.

config = ld.get_config()

config.set_param("logs.transports.file.enabled", True)

config.set_param("logs.transports.file.name", "lseg-data-lib.log")

config.set_param("logs.level", "debug")

Then, the lseg-data-lib.log file will be created. We may be able to verify what the problem is from the debug log file.

wasin.w · January 23

Hello @tserenbat.uyanga

Please note that the Codebook uses your Workspace account with the library's Desktop session by default.

The result on the local environment Jupyter Notebook with the Desktop session setting on the lseg-data.config.json file should be the same as on the Codebook.

Which session on the lseg-data.config.json file are you using?

 "sessions": {
        "default": "desktop.workspace",
        "desktop": {
            "workspace": {
                "app-key": "Your App Key"
            }
        }
    }

tserenbat.uyanga · January 24

https://community.developers.refinitiv.com/discussion/comment/123734#Comment_123734

As mentioned, I retrieved the log file. However, before I ask you to check the log file, I would like to confirm one thing. I'm concerned about the possibility of the log file being exposed on this page, but what is the actual situation?

tserenbat.uyanga · January 24

https://community.developers.refinitiv.com/discussion/comment/123737#Comment_123737

I used desktop.workspace session. The result of open.session is below.

lseg-data.config.json

App-key is pre-populated with Workspace's APPKEY.

wasin.w · January 24

https://community.developers.refinitiv.com/discussion/comment/123752#Comment_123752

Hello @tserenbat.uyanga

Thank you for the information. Could you please share the lseg-data-lib.log with debug level enabled like my colleague has suggested?

If you have any concerns about the privacy, please remove all credential or personal information from the log before posting here.

tserenbat.uyanga · January 24

https://community.developers.refinitiv.com/discussion/comment/123755#Comment_123755

Hello @wasin.w

Actually, I'm posting these questions on behalf of the client.

Client's security policy doesn't allow posting any information on community sites.

May I send you the log file via email?

wasin.w · January 27

https://community.developers.refinitiv.com/discussion/comment/123760#Comment_123760

Hello @tserenbat.uyanga

In this case, I strongly suggest the client/you submit a support ticket to the Support team via https://myaccount.lseg.com/ website and include the debug log file when the issue occured with the ticket.

tserenbat.uyanga · January 28

Actually, the client was forwarded to DevCom by customer support. Are you sure that this kind of issue is in customer support scope?

tserenbat.uyanga · January 28

What is [trapi.data.pricing.read] ?

wasin.w · January 28

Hello @tserenbat.uyanga

The "trapi.data.pricing" is the API scope that is required for getting real-time price data for an instrument.

The "access denied. Scopes required to access the resource: [trapi.data.pricing.read]. Missing scopes: [trapi.data.pricing.read]. Contact LSEG to check your permissions." error message indicates that the client account does not have "trapi.data.pricing.read" API scope permission, so the platform returns this error message.

This permission issue cannot be fixed programmatically. We, Developer Relations team do not have a permission to fix the client permission too.

The API scopes are assigned by the account manager based on the products that one might have purchased, so please contact the client's account manager to help the client with this permission issue.

tserenbat.uyanga · January 29

https://community.developers.refinitiv.com/discussion/comment/123806#Comment_123806

Hi, thank you for the details.

The client has provided the log as per attachment.

Please kindly analyze and advise.

Also, the client is able to run the code and get data on Codebook.

Doesn't it mean his account has privilege to access [trapi.*** ]?

He is having this error when he runs the same code from his local Jupyter notebook.

Account Manager is involved from the first place, but we don't know what actions we need to take to give the client necessary access.

Do you have any idea or hint of action we could take to give him the access ?

20250123-1804-24184-lseg-data-lib2.log

Jirapongse · January 29

@tserenbat.uyanga

Thank you for the log file.

I checked the log file and found that the library could establish a websocket connection to the API proxy but the login stream was closed by the API proxy.

[2025-01-23T18:07:22.150848+09:00] - [sessions.desktop.workspace.0] - [DEBUG] - [29036 - ThreadOMMSTREAMING_PRICING_0.3] - [stream_connection] - [_run_websocket_listener] - [OMMSTREAMING_PRICING_0.3] connect
num_attempt : 0
url : ws://localhost:9005/api/rdp/streaming/pricing/v1/WebSocket
headers : ['User-Agent: Python', 'x-tr-applicationid: *****************************************', 'Authorization: Bearer ']
cookies : None
transport : websocket
subprotocols: ['tr_json2']
[2025-01-23T18:07:24.192838+09:00] - [sessions.desktop.workspace.0] - [DEBUG] - [29036 - ThreadOMMSTREAMING_PRICING_0.3] - [stream_connection] - [_on_ws_open] - [OMMSTREAMING_PRICING_0.3] on_ws_open
[2025-01-23T18:07:24.192838+09:00] - [sessions.desktop.workspace.0] - [DEBUG] - [29036 - ThreadOMMSTREAMING_PRICING_0.3] - [stream_connection] - [_on_ws_open] - [OMMSTREAMING_PRICING_0.3] send login message {'Domain': 'Login', 'ID': 2, 'Key': {'Elements': {'AppKey': '', 'Authorization': 'Bearer *****************************************', 'ApplicationId': '256', 'Position': '127.0.0.1/**********'}}}
[2025-01-23T18:07:45.259251+09:00] - [sessions.desktop.workspace.0] - [DEBUG] - [29036 - ThreadOMMSTREAMING_PRICING_0.3] - [stream_connection] - [_on_message] - [OMMSTREAMING_PRICING_0.3] on_ws_message [{"ID": 2, "State": {"Code": "ConnectionError", "Data": "Suspect", "Stream": "Closed", "Text": "Cannot establish connection to the platform"}, "Type": "Status"}]
[2025-01-23T18:07:45.259251+09:00] - [sessions.desktop.workspace.0] - [DEBUG] - [29036 - ThreadOMMSTREAMING_PRICING_0.3] - [omm_stream_connection] - [_handle_login_message] - [OMMSTREAMING_PRICING_0.3] received a closing message: state=StreamCxnState.Connecting, message={'ID': 2, 'State': {'Code': 'ConnectionError', 'Data': 'Suspect', 'Stream': 'Closed', 'Text': 'Cannot establish connection to the platform'}, 'Type': 'Status'}

The API Proxy closed the login stream with the following text "Cannot establish connection to the platform".

According to the information, this is not a problem in the library. It could be the network or firewall settings which don't allow the API Proxy to connect to the platform. You need to contact the desktop support team to verify what the problem is.

Codebook and local jupyter notebook are different running environments. They may use different user profiles. However, the error message is very obvious that it is a permission issue.

access denied. Scopes required to access the resource: [trapi.data.pricing.read]. Missing scopes: [trapi.data.pricing.read]. Contact LSEG to check your permissions.

The error was generated when accessing the snapshot endpoint (http://localhost:9001/api/rdp/data/pricing/snapshots/v1/). You may need to contact that team to verify what the permission is required to access the snapshot service.

tserenbat.uyanga · January 30

https://community.developers.refinitiv.com/discussion/comment/123823#Comment_123823

Could you please allow me to confirm some things?

Does "the platform" in this context refer to the RDP platform on the internet(Cloud) that is accessed through platform.session? Does the get_stream() function try to connect not only to the local web API interface of the local Workspace Desktop app, but also to “the platform” on the internet, despite using desktop.session? Does it mean that the environment in which this code is run must be capable of directly accessing external networks not only from the Workspace Desktop, but also from local Python scripts? However, does the get_data() function work fine on local Jupyter and does not require external/internet connections?

Jirapongse · January 30

@tserenbat.uyanga

Although the client uses the desktop session via the Workspace app, the Workspace app also needs to connect to Cloud or our Platform to get data. The platform in this context could be the platfrom used by the API Proxy to retrive streaming real-time data. You need to contact the product support team directly to confirm this. This is beyond the API scope.

The connection should like this:

The LSEG Data Library connected to the API Proxy. Then API Proxy in Workspace connected to the Cloud Platform. After, the API Proxy sent the "Cannot establish connection to the platform" to the Python application.

The get_data may use different connections or endpoints to retreive data. This problem happens with the websocket endpoint (ws://localhost:9005/api/rdp/streaming/pricing/v1/WebSocket) used to retrieve real-time data.

Jirapongse · January 30

@tserenbat.uyanga

The picture shows how our products use the Platform.

tserenbat.uyanga · March 14

Hi @Jirapongse,

Sorry for the delay. I have stopped using get_stream() and have opted for get_data() instead, but I still have concerns about it. So, I tried running the same script again, and this time the get_stream() function worked. However, I believe that none of the statuses changed (Workspace Desktop application, network environment, account privileges). I am sending the successful log file from the same script. Could you please let me know if you find anything?

20250307-1411-13600-lseg-data-lib copy.log

Jirapongse · March 14

https://community.developers.refinitiv.com/discussion/comment/124610#Comment_124610

You are correct. It is working now.

on_ws_open
[2025-03-07T14:57:28.146765+09:00] - [sessions.desktop.workspace.2] - [DEBUG] - [9836 - ThreadOMMSTREAMING_PRICING_2.0] - [stream_connection] - [_on_ws_open] - [OMMSTREAMING_PRICING_2.0] send login message {'Domain': 'Login', 'ID': 2, 'Key': {'Elements': {'AppKey': '**************************************************', 'Authorization': 'Bearer **************************************************************', 'ApplicationId': '256', 'Position': '127.0.0.1/'}}}
[2025-03-07T14:57:28.148766+09:00] - [sessions.desktop.workspace.2] - [DEBUG] - [9836 - ThreadOMMSTREAMING_PRICING_2.0] - [stream_connection] - [_on_message] - [OMMSTREAMING_PRICING_2.0] on_ws_message [{"Domain": "Login", "Elements": {"PingTimeout": 45, "MaxMsgSize": 61430}, "ID": 2, "Key": {"Elements": {"AllowSuspectData": 1, "ApplicationId": "256", "ApplicationName": "APIProxy", "Position": "127.0.0.1/", "ProvidePermissionExpressions": 1, "ProvidePermissionProfile": 0, "SingleOpen": 1, "SupportBatchRequests": 0, "SupportEnhancedSymbolList": 1, "SupportOMMPost": 0, "SupportOptimizedPauseResume": 0, "SupportPauseResume": 0, "SupportStandby": 0, "SupportViewRequests": 1}, "Name": "**********************************************"}, "State": {"Stream": "Open", "Data": "Ok", "Text": "Login accepted by API Proxy."}, "Type": "Refresh"}]

The library can receive the login response properly. This is beyond the library scope and I don't have permission to verify it.

I have access denied error when I run a code from my local environment but can run it on Codebook.

Answers

Categories

EXPLORE OUR SITES

I have access denied error when I run a code from my local environment but can run it on Codebook.

Answers

Categories