Skip to content
Latchkey

What Is HTTP 403 Forbidden?

HTTP 403 Forbidden explained, and what it means when you see it in CI/CD and deployments.

HTTP 403 means the server understood the request but refuses to authorize it.

What it means

A 403 is about authorization (permissions), not identity. You are recognized but lack permission for the resource or action.

When you see it in CI/CD

In CI, a 403 often means a token has insufficient scopes (e.g. a GITHUB_TOKEN without packages: write) or an IAM policy is too narrow. Fix the permissions; retrying will not help.

Key takeaways

  • 403 means permission denied.
  • Token scope or IAM policy is too narrow.
  • Retrying will not fix it.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →