Trying to write an SmartApp that stores internal settings to simplify the event handler logic. (JS) The app has several stages, for each stage, upon device event, there are different reaction.
When I ran
let settings = await context.api.apps.getSettings(context.installedAppId);
console.log(settings);
I got
2021-12-24T09:06:27.589Z error: Error: Request failed with status code 403
How should I correct my code?
As far as I can remember, Apps API-specific calls can only be executed using a Personal Access Token.
Maybe @nayelyz or @andresg will be able to confirm so : ]
(btw, merry christmas!! 
)
Thanks, @erickv !
He’s right, @sippey. The token we get from a SmartApp can interact with the ST API based on the authorized scopes.
The settings endpoint you’re referring to, requires w:apps which is not included in the allowed scopes of the SmartApp (see its description on the API reference).
You would have to use a Personal Access Token as Erick mentioned. To do so, you can include the Core SDK which the SmartApp SDK is based on.
For example, this snippet was used to saved on these settings the ID of the Rule created by the SmartApp so it wasn’t lost in case the server rebooted:
const {SmartThingsClient, BearerTokenAuthenticator} = require('@smartthings/core-sdk')
const client = new SmartThingsClient(new BearerTokenAuthenticator('{YOUR-PAT-TOKEN}'))
let ruleidsetting = {
settings: {
createdRuleId: ruleid,
}
};
client.apps.updateSettings(appId, ruleidsetting).then((response) => {
console.log("saveruleid: ", JSON.stringify(response));
});