API error type

Forbidden

HTTP 403 · https://errors.driftstack.dev/forbidden

What it means

The credentials are valid but not allowed to perform this operation — wrong scope (e.g. a read-only key calling a write endpoint) or wrong role.

How to fix it

Use a key with the `write` scope for mutating calls, or have the account owner perform the operation.

Where it appears

In the type field of the RFC 9457 application/problem+json error body, alongside title, status, detail, and an instance correlation id.

Related

• Unauthorized · /unauthorized
• MFA step-up required · /mfa-step-up-required