• State Suggested Answer
  • Replies 6 replies
  • Answers 4 answers
  • Subscribers 11 subscribers
  • Views 389 views
  • Users 0 members are here
Related Discussions
Home » Discussions » General

403 Access Denied you don't have permission to view this page

durgaganeshp01
Certified Senior Developer



Hi Team,

I’m getting a 403 Access Denied error stating “You don't have permission to view this page” — can someone help me understand why this might be happening?

Note:  We have already checked the Process Model, Record Type, Site Objects Security settings — all users have Viewer access and are part of the required group.

  Discussion posts and replies are publicly visible

  • 0
    Certified Lead Developer

    Check security on all underlying objects used in that page, not just the parent objects.
    Also validate the User Start Page in the Admin Console; the Default Start Page URL might have a trailing slash (/), causing malformed email task links (double //).
    Additionally, validate the site page visibility once.

  • 0
    Certified Lead Developer

    It really depends on what user is getting this, when, and what URL they're trying to view.  Often in my system users might see this if someone sends them a URL to use but the URL is actually for a site the target user doesn't have permission to view.  Can you provide some more context?

  • 0
    Certified Lead Developer

    The 403 status & URL should be logged in the Tomcat Access logs. Sifting through our own logs, there's no 'extra' information about 403 errors - just the URL and the time to respond. So the URL itself is key for us to help you determine a root cause.

    In addition to the things that others have said, I have seen this 403 error when

    • SAML has timed out and the user's authentication token needed to be refreshed via the SSO provider. This often requires a full sign-in to the SSO provider when MFA is involved.
    • SAML is incorrectly configured for a given user - for example, if a user gets married and changes their name, sometimes the IT group wouldn't have the username in sync other properties in Appian, the properties / username didn't update (or create a new user), and thus it wouldn't reconcile between the SSO provider and Appian. This required manual intervention to update the username to what IT had updated it to. Not sure why it didn't auto-reconcile, but the fix was easy and it was a rare occurrence.
    • User was sent a link to a record, but they did not have access to that record type  as a viewer.
    • If the user can see the record type (e.g. a grid), but don't have access to an individual record (e.g. due to row-level security) I believe they would see a different 'pink box' error (not a 403). It's worth double-checking this though, as error handling / pink boxes are subject to change with Appian versions.
    • I vaguely remember seeing this when sent a link to a task at some point but getting an error 
    • User was sent a link to a URL behind /design, but isn't in the Designers group. Not sure if this error is similar for the Appian cloud database
  • 0
    Certified Senior Developer
     in reply to Jesse Knight

    I hope these logs help with the investigation.     

      

  • 0
    Certified Lead Developer
     in reply to durgaganeshp01

    This log error doesn't necessarily help us narrow down the issue. What URL do you go to that causes the 403? What set of links do you click?

    This particular error seems to be an issue related to custom attributes or relationships added to Appian's built-in User sync'ed record. There are a few different reasons that error could occur.

  • 0
    Certified Lead Developer
     in reply to durgaganeshp01

    I agree with Jesse, nothing in that screenshot seems to stand out for me as to what could be causing the error you describe.

    Did you look into the questions I asked last week in my own original comment on this thread?

© 2026 Appian. All rights reserved.
We want to hear from you! Submit a review on Gartner or G2.