A client may receive a 403 status code because the client does not have the necessary permissions for a resource or needs some kind of account. Alternatively, the client may be attempting some sort of prohibited action, such as creating a duplicate record where only one is allowed.