403 Forbidden
The server understood the request but refuses to authorize it.
A server that wishes to make public why the request has been forbidden can describe that reason in the response payload (if any).
If authentication credentials were provided in the request, the server considers them insufficient to grant access. The client SHOULD NOT automatically repeat the request with the same credentials. The client MAY repeat the request with new or different credentials. However, a request might be forbidden for reasons unrelated to the credentials.
An origin server that wishes to "hide" the current existence of a forbidden target resource MAY instead respond with a status code of 404 Not Found.
- Source: RFC7231 Section 6.5.3
403 Code References
-
.NET HTTP Status Enum
HttpStatusCode.Forbidden -
Rust HTTP Status Constant
http::StatusCode::FORBIDDEN -
Rails HTTP Status Symbol
:forbidden -
Go HTTP Status Constant
http.StatusForbidden -
Symfony HTTP Status Constant
Response::HTTP_FORBIDDEN -
Python2 HTTP Status Constant
httplib.FORBIDDEN -
Python3+ HTTP Status Constant
http.client.FORBIDDEN -
Python3.5+ HTTP Status Constant
http.HTTPStatus.FORBIDDEN
