http
403 Forbidden
403 Forbidden|forbidden|insufficient permissions
Fixes
- 1.Check authentication token is valid and not expired — inspect the JWT payload at jwt.io
- 2.Verify the user/role has the required permission for this endpoint in your authorization logic
- 3.Check CSRF token — if using session auth, ensure the CSRF token header is included in the request
403authpermissions
Related Errors
http3 fixes
404 Not Found — Debugging
404 Not Found|Cannot (GET|POST|PUT|DELETE)|Route not found
- •Verify the URL path, method, and trailing slash — `/api/users` vs `/api/users/` may route differently
- •Check that the route is registered — look for typos in route decorator or router config
http3 fixes
500 Internal Server Error
500 Internal Server Error|InternalServerError|server error
- •Check server logs for the full stack trace — the 500 response usually hides the real error
- •Common causes: unhandled null reference, database connection failure, or missing environment variable
http3 fixes
CORS Preflight Failure
CORS|cross-origin|Access-Control-Allow-Origin|preflight|OPTIONS
- •Add CORS headers on the server: `Access-Control-Allow-Origin`, `Access-Control-Allow-Methods`, `Access-Control-Allow-Headers`
- •Ensure the server responds to OPTIONS preflight requests with 200/204 and the correct CORS headers