Authenticated but lacks required permission.

Section: Authentication patterns

Return 403 for insufficient role

HTTP/1.1 403 Forbidden
Explanation

Use 403 when the user is known but does not have the right scope, role, or entitlement.
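
Added example (not from the original sheet): a minimal authorization check that returns 403 only once the caller is identified, and goes one step further than the entry by contrasting it with 401 for a missing or unknown token. The token table, scope names and the `authorize` helper are constructed for illustration; the `insufficient_scope` error value follows RFC 6750.

```python
from dataclasses import dataclass, field

# Constructed token table standing in for real validation
# (JWT signature check, token introspection, session lookup).
TOKENS = {
    "tok-reader": {"sub": "alice", "scopes": {"reports:read"}},
    "tok-admin": {"sub": "bob", "scopes": {"reports:read", "reports:delete"}},
}


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def authorize(headers: dict, required_scope: str) -> Response:
    """401 if the caller cannot be identified, 403 if identified but not permitted."""
    # Header names are case-insensitive, so match on the lowercased key.
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), "")
    scheme, _, token = auth.partition(" ")
    principal = TOKENS.get(token.strip()) if scheme.lower() == "bearer" else None

    if principal is None:
        # Identity not established: challenge for credentials.
        return Response(401, {"WWW-Authenticate": 'Bearer realm="api"'},
                        "authentication required")

    if required_scope not in principal["scopes"]:
        # Identity is known but the entitlement is missing; resending the
        # same credentials will not change the outcome, hence 403.
        challenge = f'Bearer error="insufficient_scope", scope="{required_scope}"'
        return Response(403, {"WWW-Authenticate": challenge}, "insufficient scope")

    return Response(200, {}, f"ok: {principal['sub']}")
```
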
