`forbidden`

forbidden

Description

The caller is authenticated, but lacks the permission or claim required by the endpoint.

HTTP Status

403 Forbidden

`doc_url` Format

The doc_url value is an absolute URL and changes by environment:

<docs-base-url>/errors/forbidden

Typical Causes

The access token is valid, but the required role is missing.
A restricted-access middleware rejected the caller.
A required identity claim is absent.

Example

Response:

json

{
  "errors": [
    {
      "code": "forbidden",
      "message": "INSUFFICIENT_ROLES",
      "doc_url": "https://docs.example.com/errors/forbidden"
    }
  ]
}

How To Fix

Sign in with an account that has the required permission.
Request the missing role or claim if this is expected.
Retry the request with a token that satisfies the access rule.

forbidden ​

Description ​

HTTP Status ​

doc_url Format ​

Typical Causes ​

Example ​