Back to Status Codes
Client Error (4xx)

HTTP 403 Forbidden

The server understood the request but refuses to authorize it. Authentication won't help.

403

Forbidden

The server understood the request but refuses to authorize it. Authentication won't help.

What Causes HTTP 403?

  • User authenticated but lacks required permissions
  • IP address or geographic location is blocked
  • Resource access is restricted by role or scope
  • Rate limiting has blocked the request
  • Server-configured access control rules

Code Examples

See how HTTP 403 responses look in different programming languages and tools.

curl -X GET https://api.example.com/admin \
  -H "Authorization: Bearer user-token"
# Response: 403 Forbidden (user lacks admin role)

How to Fix HTTP 403

  • Verify the authenticated user has the required permissions
  • Check if resource access is restricted by IP or location
  • Contact API administrator to request elevated permissions
  • Review API documentation for required scopes or roles
  • Implement proper role-based access control (RBAC)

Related Status Codes

400Bad Request

The request was malformed or invalid. The server cannot process it.

401Unauthorized

Authentication is required. The client must provide valid credentials.

404Not Found

The requested resource could not be found on the server.

405Method Not Allowed

The HTTP method used is not supported for this endpoint.

429Too Many Requests

Rate limit exceeded. The client has sent too many requests in a given time period.

500Internal Server Error

The server encountered an unexpected condition that prevented it from fulfilling the request.

Test Your APIs

API Response Time Checker

Test your API endpoints and see exactly which status codes they return

API Uptime Monitor

Monitor your API for errors and track status code distributions

Frequently Asked Questions

What does HTTP 403 mean?

The server understood the request but refuses to authorize it. Authentication won't help.

What causes HTTP 403?

User authenticated but lacks required permissions. IP address or geographic location is blocked. Resource access is restricted by role or scope. Rate limiting has blocked the request. Server-configured access control rules

How to fix HTTP 403?

Verify the authenticated user has the required permissions. Check if resource access is restricted by IP or location. Contact API administrator to request elevated permissions. Review API documentation for required scopes or roles. Implement proper role-based access control (RBAC)

http 403forbidden errorhttp status codesapi error handlingrest api client error