403 Error on upload

So I’m on a fun one here. Can’t seem to figure out what is going on.

I have Strapi setup on Heroku using the built in Postgres option with Heroku. When I try to access /upload while I am authenticated I get a 403 error. First thing I did was log into Strapi and check to see if my roles were setup correctly. I checked my Authenticated Role and found that upload was checked. So any authenticated user in theory should be able to upload. Yet I get a 403 error everytime. I am also using cloudinary for image optimaiztion. I can upload via stapi fine but can’t via my frontend thats when I get the 403 error. I know much of the documentation show that you need to have formData properly setup and when in development it was working fine. Now that the backend is in production, I get the 403 error. I can’t seem to figure out why I am getting this error.

just wanted to add this is what I am seeing in papertrail in heroku

Jun 17 05:48:38 [heroku/router] at=info method=POST path="/upload" host=jhdarbeta.herokuapp.com request_id=[2027986f-def0-48bd-a7ff-370b9a86f955] fwd="[]" dyno=web.1 connect=1ms service=46171ms status=403 bytes=414 protocol=https

Jun 17 05:48:38 [jhdarbeta] [app/web.1] [2021-06-17T12:48:38.130Z] debug POST /upload (46159 ms) 403

Helps if the component you are using to set the image has the bearer token lol

Hey @frostyKlosty . I’m experiencing the same error now and was wondering if you could give a little bit more information about how you solved this problem. I’m trying to uploading images from within Strapi’s admin portal and am also seeing a 403 error.

To confirm: that’s not what you were experiencing, right? It seems like you were trying to hit the /uploads endpoint externally? If it was inside of the admin portal, can you give me some more detail on how you fixed this? I’m not clear on where I would set a bearer token here, nor why I should have to.


any luck here ? @Jem_Zornow . I seem to have run into something similar

Facing the same issue, the worst part is the 403 forbidden error is shown randomly, means for some files the upload works, for other random files it doesn’t,
The issue is on both side, from strapi admin panel upload plugin, and from any other client side project !!

Any help please ?


hi there, what does it mean bearer token?
i had such a problem, resolved with setting roles and permisiions.
But now on request i receive id and timestamps…
and on represent setting it mation that i should receive image. as resposnse i recieve json, so can i get image?))