API Response Code 403 Forbidden — “This indicates that no one is allowed to access the requested resource, regardless of authentication. “
Basically, I am logged in, the token is ok but I am not allowed to perform the action, because I have not been granted the necessary permissions.
Example: Being a regular user I try to delete another regular user, when only a superuser would be allowed to do that in this system. The response code is 403.