forbidden-scope
403 Forbidden — The credential is valid but lacks the scope this route requires.
forbidden-scope
HTTP 403 Forbidden
Content-Type: application/problem+json
{
"type": "https://docs.transmute.403fin.io/errors/forbidden-scope",
"title": "...",
"status": 403,
"detail": "...",
"requestId": "req_01J..."
}
The credential is valid but lacks the scope this route requires.
Common causes
- Calling
/v1/webhooksor/v1/connectionswith a default-scoped key (webhooks:manage/connections:manageare opt-in) - Calling
GET /v1/usagewithout theusage:readscope - An OAuth token minted with a narrowed
scopeparameter that excluded this route
How to fix it
Create a new key with the needed scope selected (scopes are fixed at creation), or mint an OAuth token without narrowing.
Does it bill?
No — rejected before the engine runs. See Test vs Live Keys for the full billing rules.
Related
- Errors Overview — the problem+json shape and the closed catalog
- Every response carries an
X-Request-Id; quote it when contacting support.
Was this page helpful?