My bot got a 403 error, even though it never happened before, and the code hasn't changed at all.

throw new DiscordAPIError(data, res.status, request);
            ^
DiscordAPIError: Bots cannot use this endpoint
  ---
{
  method: 'put',
  path: '/applications/---/guilds/---/mands/---/permissions',
  code: 20001,
  httpStatus: 403,
  requestData: { json: { permissions: [Array] }, files: [] }
}

Trying to set fullPermissions gives me a 405 Error instead

DiscordAPIError: 405: Method Not Allowed
  ---
{
  method: 'put',
  path: '/applications/---/guilds/---/mands/permissions',
  code: 0,
  httpStatus: 405,
  requestData: {
    json: [
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object]
    ],
    files: []
  }
}

The paths /applications/{applicationId}/guilds/{guildId}/mands/{mandId}/permissions and /applications/{applicationId}/guilds/{guildId}/mands/permissions worked perfectly fine before, why wouldn't they work now?

My bot got a 403 error, even though it never happened before, and the code hasn't changed at all.

throw new DiscordAPIError(data, res.status, request);
            ^
DiscordAPIError: Bots cannot use this endpoint
  ---
{
  method: 'put',
  path: '/applications/---/guilds/---/mands/---/permissions',
  code: 20001,
  httpStatus: 403,
  requestData: { json: { permissions: [Array] }, files: [] }
}

Trying to set fullPermissions gives me a 405 Error instead

DiscordAPIError: 405: Method Not Allowed
  ---
{
  method: 'put',
  path: '/applications/---/guilds/---/mands/permissions',
  code: 0,
  httpStatus: 405,
  requestData: {
    json: [
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object]
    ],
    files: []
  }
}

The paths /applications/{applicationId}/guilds/{guildId}/mands/{mandId}/permissions and /applications/{applicationId}/guilds/{guildId}/mands/permissions worked perfectly fine before, why wouldn't they work now?

• javascript
• discord
• discord.js

Share Improve this question Follow edited May 2, 2022 at 13:44 MrMythical asked Apr 28, 2022 at 18:21 MrMythicalMrMythical 9,03933 gold badges2121 silver badges4848 bronze badges

Add a ment  | 

1 Answer 1

Sorted by: Reset to default 7

Discord has released Permissions V2 to all guilds yesterday (April 27, 2022). Bots can no longer control the permissions, only server administrators can. It's better to put simple permission/role/user checks in the code instead if you want to restrict it, and remove the code that would be setting the mand permissions.

// only run for specific user
if (interaction.user.id !== "userId") return;
// only run for specific role
if (!interaction.member.roles.cache.has("roleId")) return;
// only run for specific permission
if (!interaction.member.permissions.has("BAN_MEMBERS")) return; // You can use any permission flag of course

Admins can set it by going to Server Settings --> Integerations, but you are able to programmatically edit the mand permissions using a Bearer Token with a scope called applications.mands.permissions.update, which you can get from a URL like this

https://discord./api/oauth2/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&response_type=token&scope=applications.mands.permissions.update

And you will get redirected to what you set the redirect_uri as, with URL parameters. You can copy the access_token part

PUT COMMAND PERMISSIONS

const applicationId = "APPLICATION_ID"
const guildId = "GUILD_ID"
const mandId = "COMMAND_ID" // Set this as your application ID to set default permissions
const url = `https://discord./api/v9/applications/${applicationId}/guilds/${guildId}/mands/${mandId}/permissions`
// requires the user that the bearer token belongs to have used applications.mands.permissions.update scope and have manage guild/roles permission
const token = "Bearer {token}" // replace {token} with what you copied from access_token
const payload = {
  permissions: [
    {
      id: "ID", // role/user/channel ID
      type: 1, // 1 for role, 2 for user, and 3 for channel
      permission: false // whether or not that role/user can use the mand or you can use the mand in the channel
    }
  ] 
}
await fetch(url, {
    method: "PUT",
    body: JSON.stringify(payload),
    headers: {
      Authorization: `${token}`,
      Accept: 'application/json',
     'Content-Type': 'application/json'
    },
  })

GET COMMAND PERMISSIONS

const applicationId = "APPLICATION_ID"
const guildId = "GUILD_ID"
const mandId = "COMMAND_ID" // Set this as your application ID to get default permissions
const url = `https://discord./api/v9/applications/${applicationId}/guilds/${guildId}/mands/${mandId}/permissions`
const token = "Bearer {token}"
await fetch(url, {
    method: "GET",
    headers: {
      Authorization: `${token}`,
      Accept: 'application/json',
     'Content-Type': 'application/json'
    },
  })

GET ALL COMMAND PERMISSIONS

const applicationId = "APPLICATION_ID"
const guildId = "GUILD_ID"
const url = `https://discord./api/v9/applications/${applicationId}/guilds/${guildId}/mands/permissions`
const token = "Bearer {token}"
await fetch(url, {
    method: "GET",
    headers: {
      Authorization: `${token}`,
      Accept: 'application/json',
     'Content-Type': 'application/json'
    },
  })