This means that the client does not have permission to do whatever it attempting to do. Read through our permissions documentation and make sure the client has appropriate permissions to allow that action to be performed.


If you are using token authentication, remember that the capabilities specified when requesting a token are intersected with the capabilities of the underlying key to get the actual capabilities of the token.