forbidden-ip
403 Forbidden — The credential is valid but was presented from a client IP outside its configured IP allowlist.
forbidden-ip
HTTP 403 Forbidden
Content-Type: application/problem+json
{
"type": "https://docs.transmute.403fin.io/errors/forbidden-ip",
"title": "...",
"status": 403,
"detail": "...",
"requestId": "req_01J..."
}
The credential is valid but was presented from a client IP outside its configured IP allowlist. This check runs before the scope check, and the response never echoes the caller's IP or the configured ranges.
Common causes
- Your egress IP changed (NAT gateway replacement, new region, proxy change)
- Traffic from a developer machine using a production key that is pinned to production ranges
How to fix it
Check your current egress IP from the affected host and contact support to update the allowlist — or use an unrestricted test key for development.
Does it bill?
No — rejected before the engine runs. See Test vs Live Keys for the full billing rules.
Related
- Errors Overview — the problem+json shape and the closed catalog
- Every response carries an
X-Request-Id; quote it when contacting support.
Was this page helpful?