Skip to main content

Why Am I Getting Error 403 (Forbidden)?

  • Updated

A 403 error indicates that the server understands your request but refuses to authorise it. Here are the common reasons:

 

Account Restrictions or Bans

Your account might have temporary restrictions in place due to various reasons, such as temporary bans, rate limiting, or specific limitations imposed on your account.

 

Common Cause (Rate Limiting)

A frequent reason is exceeding the API rate limits by sending too many requests within a short timeframe. This can happen if your application is submitting invalid orders repeatedly or if you have an unstable internet connection causing excessive reconnections.

 

Troubleshooting

  • Check Rate Limits: Review the Rate Limits page to ensure your application adheres to the specified requirements. Be cautious to avoid repeated violations, as this can lead to increasingly longer bans.
  • Wait and Retry: If you suspect a temporary rate limit, wait for at least one hour and then try your request again.
  • Contact Support: If the issue persists after an hour, contact support with your IP address for clarification on your account status and to resolve any restrictions.

 

Incorrect API Key Permissions

Your API key might not have the necessary permissions to perform the action you are attempting. API keys are often configured with specific access levels.

 

Troubleshooting

  • Verify Permissions: Go to the API Keys page and double-check the permissions associated with the API key you are using. Ensure these permissions align with the specific API endpoint or action you are trying to access.
    Screenshot 2023-08-08 at 6.03.19 PM.png
    Screenshot 2023-08-08 at 6.04.37 PM.png
  • Refer to Documentation: Consult the API Key Permissions page for detailed information on the required permissions for different API calls.

 

Authentication and Authorisation Issues

APIs typically employ authentication mechanisms to verify the identity of users and ensure secure access. If your authentication credentials are invalid, expired, or missing, you may encounter a 403 error.

 

Troubleshooting

  • Verify Credentials: Ensure you are providing the correct authentication details, such as API keys, signatures, and timestamps, and that they are correctly formatted according to the API documentation.
  • Review Authentication Guide: Refer to the Authenticating with an API Key guide for detailed instructions and best practices.

 

Network or Server Issues

In some cases, the 403 error may be caused by temporary network problems or issues on the platform's servers, potentially leading to denied access.

 

Troubleshooting

  • Check Status Page: Visit the BitMEX Status page and Announcements to see if there are any reported ongoing issues or maintenance that might be affecting API access.
  • Retry Later: If you suspect a temporary server issue, wait 5-10 minutes and try your request again.
  • Contact Support: If there are no reported issues and the error continues for a longer period (e.g., 30 minutes or more), then contact support with your IP address to 

Related articles

This website is operated by HDR Global Trading Limited, a company incorporated under the International Business Companies Act of 1994 of the Republic of Seychelles with a company number of 148707 and registered address at Global Gateway 8, Rue de la Perle, Providence Mahé, Seychelles (“HDR”). HDR wholly owns BitMEX, a Bitcoin-based trading platform.


Access to trading or holding positions on BitMEX is prohibited for any person or entity that is located, incorporated or otherwise established in, or a citizen or a resident of: (i) the United States of America, Québec (Canada), the Hong Kong Special Administrative Region of the People’s Republic of China, the Republic of Seychelles, Bermuda, Cuba, Crimea and Sevastopol, Iran, Syria, North Korea or Sudan; (ii) any state, country or other jurisdiction that is embargoed by the United States of America; or (iii) any other jurisdiction where the services offered by BitMEX are restricted (collectively “Restricted Jurisdictions”). If it is determined that any BitMEX user has given false representations as to their location, incorporation, establishment, citizenship or residence, or HDR detects a user is from a Restricted Jurisdiction as described above, HDR reserves the right to immediately close their accounts and liquidate any open positions. HDR may, in its sole discretion, implement controls to restrict access to the BitMEX trading platform in any of the Restricted Jurisdictions.