Skip to content
Latchkey

CircleCI "context X not authorized" / restricted error

A job requested a context whose secrets it is not permitted to use. The context exists but is restricted by security group, branch, or organization policy that the current run does not satisfy.

What this error means

The job fails before running with a message that the context is restricted or the user is not authorized to use it, and the context secrets are unavailable.

CircleCI
Unauthorized: The job is requesting a context that is restricted.
You are not a member of a security group authorized to use 'prod-secrets'.

Common causes

The context is restricted to a security group

Context access is gated to a group, and the user or runner triggering the pipeline is not a member.

A branch or project restriction blocks it

A context rule limits use to certain branches or projects, and this run does not match.

How to fix it

Grant the run access to the context

  1. Open Organization Settings > Contexts and select the context.
  2. Add the security group the pipeline user belongs to, or relax the restriction.
  3. Re-run the workflow so the context secrets are available.

Reference the context correctly

Confirm the workflow names the exact context and that the job is allowed to use it.

.circleci/config.yml
workflows:
  deploy:
    jobs:
      - publish:
          context: prod-secrets

How to prevent it

  • Scope contexts to the right security groups deliberately.
  • Document which branches/projects may use restricted contexts.
  • Reference context names exactly as defined.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →