4xx Client Error
HTTP 403 Forbidden
The server understood the request but refuses to authorize it. Unlike 401, authenticating again will not help — the client simply does not have permission to access this resource.
Common Causes
- Insufficient permissions for the requested resource
- IP address blocked or blacklisted
- Directory listing disabled on the server
- CORS policy blocking the request
How to Fix
- 1Verify your account has the required permissions or role
- 2Check server access control lists and firewall rules
- 3Contact the administrator to request access
- 4Review CORS configuration if it's a cross-origin issue
Example
HTTP 403 Forbidden
GET /admin/settings HTTP/1.1 Authorization: Bearer user-token → 403 Forbidden → "Admin role required"
Related Client Error Codes
400
Bad Request
401Unauthorized
402Payment Required
404Not Found
405Method Not Allowed
406Not Acceptable
407Proxy Authentication Required
408Request Timeout
409Conflict
410Gone
411Length Required
412Precondition Failed
413Content Too Large
414URI Too Long
415Unsupported Media Type
416Range Not Satisfiable
417Expectation Failed
418I'm a Teapot
421Misdirected Request
422Unprocessable Content
423Locked
424Failed Dependency
425Too Early
426Upgrade Required
428Precondition Required
429Too Many Requests
431Request Header Fields Too Large
451Unavailable For Legal Reasons