403 Forbidden on /data/api/v1/scan/projects using Ignition 8.3 API Key

I am triggering a project filesystem scan from GitHub Actions. The network path, HTTPS protocol, and header syntax (X-Ignition-API-Token) are working perfectly, but the gateway returns an HTTP 403 Forbidden. The request is successfully reaching Ignition, but the gateway is explicitly denying permission.

The Root Blocker:

  • My API Key is mapped to a custom security level: Authenticated/API_RW.
  • Because Ignition 8.3 blocks assigning built-in user roles (like Roles/Administrator) directly to API Keys, my token lacks the administrative privileges needed to touch disk-level system paths.

Question :

My API key is getting rejected with a 403 Forbidden error on the POST /data/api/v1/scan/projects route. Because Ignition 8.3 blocks assigning built-in user roles (like Roles/Administrator) directly to API Keys, my token is stuck with a custom security level (Authenticated/API_RW). Which specific Service Security Policy or internal gateway configuration governs this Git-scan endpoint so I can explicitly authorize API_RW to trigger it?

Have you done this step?

But I don't see the API tokens in the gateway write permissions

Those are custom security levels you would add in a previous step.

Thanks for your support and guidance. Since I'm new to Ignition, this was extremely helpful for me