Community Discussions

On a partner tenant (integration-partner), I enabled v3 data-export for all three entities (vulnerabilities, applications, risk-factors) via POST /_enable before midnight UTC. ~10h after the 00:00 UTC cycle, all three still return:
{"urls": [], "urls_creation_time": null, "enabled": true, "file_format": "parquet"} No file generated for any entity.

The docs say the token needs access to "all sites and boundaries." I requested the entire documented scope enum — all 12 were granted. But:

• GET /settings/boundaries returns 403: Missing scopes: {'PERMISSION.SETTINGS.BOUNDARY.READ'}
• That scope is not in the /oauth/token scope enum, and requesting it explicitly is accepted but silently dropped from the issued token.

So this vendor integration appears unable to obtain boundary access at all.

Questions:

1. Does export generation require boundary visibility, and if so, how can this integration obtain PERMISSION.SETTINGS.BOUNDARY.READ when it's not in the grantable enum?
2. Is there a tenant/role provisioning step needed for exports to generate on a partner tenant?
3. Is there any export job-status/error endpoint to see why generation produced nothing?