"Fixing 'Mutation' Issue Due to Insufficient Permissions in React and NextJs Web App with Sanity CMS"
2 replies
Last updated: Jul 26, 2023
J
Hello, is anyone here know how to fix "Mutation" issue due to Insufficient permissions. I have my web app built with React and NextJs and Sanity for CMS. I cannot post comments on my blog (but it works in my local, except in vercel) and the error is what is shown below everytime i post comments. Thank you.
ClientError: Mutation(s) failed with 1 error(s)
at onResponse (/var/task/node_modules/@sanity/client/lib/http/request.js
:19:13) at applyMiddleware (/var/task/node_modules/get-it/lib-node/util/middlewareReducer.js
:15:15) at onResponse (/var/task/node_modules/get-it/lib-node/index.js
:89:22) at /var/task/node_modules/get-it/lib-node/index.js
:59:55 at callback (/var/task/node_modules/get-it/lib-node/request/node-request.js
:65:46) at /var/task/node_modules/get-it/lib-node/request/node-request.js
:154:14 at DestroyableTransform.<anonymous> (/var/task/node_modules/simple-concat/index.js
:8:13) at Object.onceWrapper (node
:events:627:28) at DestroyableTransform.emit (node
:events:525:35) at endReadableNT (/var/task/node_modules/readable-stream/lib/_stream_readable.js
:1010:12) { response: {
body: { error: [Object] },
url: '
https://r4ni59be.api.sanity.io/v2023-01-30/data/mutate/production?returnIds=true&returnDocuments=true&visibility=sync ', method: 'POST',
headers: {
'content-type': 'application/json; charset=utf-8',
'x-ratelimit-limit-second': '50',
'ratelimit-limit': '50',
'ratelimit-remaining': '49',
'ratelimit-reset': '1',
'x-ratelimit-remaining-second': '49',
date: 'Tue, 25 Jul 2023 08
:42:03 GMT', 'content-encoding': 'gzip',
'server-timing': 'api;dur=14',
vary: 'Accept-Encoding, origin',
'x-sanity-shard': 'gcp-eu-w1-01-prod-1032',
'x-served-by': 'gradient-web-85dcf77667-c9hs9',
'strict-transport-security': 'max-age=15724800; includeSubDomains',
xkey: 'project-r4ni59be, project-r4ni59be-production',
via: '1.1 google',
'alt-svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000',
connection: 'close',
'transfer-encoding': 'chunked'
},
statusCode: 403,
statusMessage: 'Forbidden'
},
statusCode: 403,
responseBody: '{\n' +
' "error": {\n' +
' "description": "Mutation(s) failed with 1 error(s)",\n' +
' "items": [\n' +
' {\n' +
' "error": {\n' +
' "description": "Insufficient permissions; permission \\"create\\" required",\n' +
' "permission": "create",\n' +
' "type": "insufficientPermissionsError"\n' +
' },\n' +
' "index": 0\n' +
' }\n' +
' ],\n' +
' "type": "mutationError"\n' +
' }\n' +
'}',
details: {
description: 'Mutation(s) failed with 1 error(s)',
items: [ [Object] ],
type: 'mutationError'
}
}
ClientError: Mutation(s) failed with 1 error(s)
at onResponse (/var/task/node_modules/@sanity/client/lib/http/request.js
:19:13) at applyMiddleware (/var/task/node_modules/get-it/lib-node/util/middlewareReducer.js
:15:15) at onResponse (/var/task/node_modules/get-it/lib-node/index.js
:89:22) at /var/task/node_modules/get-it/lib-node/index.js
:59:55 at callback (/var/task/node_modules/get-it/lib-node/request/node-request.js
:65:46) at /var/task/node_modules/get-it/lib-node/request/node-request.js
:154:14 at DestroyableTransform.<anonymous> (/var/task/node_modules/simple-concat/index.js
:8:13) at Object.onceWrapper (node
:events:627:28) at DestroyableTransform.emit (node
:events:525:35) at endReadableNT (/var/task/node_modules/readable-stream/lib/_stream_readable.js
:1010:12) { response: {
body: { error: [Object] },
url: '
https://r4ni59be.api.sanity.io/v2023-01-30/data/mutate/production?returnIds=true&returnDocuments=true&visibility=sync ', method: 'POST',
headers: {
'content-type': 'application/json; charset=utf-8',
'x-ratelimit-limit-second': '50',
'ratelimit-limit': '50',
'ratelimit-remaining': '49',
'ratelimit-reset': '1',
'x-ratelimit-remaining-second': '49',
date: 'Tue, 25 Jul 2023 08
:42:03 GMT', 'content-encoding': 'gzip',
'server-timing': 'api;dur=14',
vary: 'Accept-Encoding, origin',
'x-sanity-shard': 'gcp-eu-w1-01-prod-1032',
'x-served-by': 'gradient-web-85dcf77667-c9hs9',
'strict-transport-security': 'max-age=15724800; includeSubDomains',
xkey: 'project-r4ni59be, project-r4ni59be-production',
via: '1.1 google',
'alt-svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000',
connection: 'close',
'transfer-encoding': 'chunked'
},
statusCode: 403,
statusMessage: 'Forbidden'
},
statusCode: 403,
responseBody: '{\n' +
' "error": {\n' +
' "description": "Mutation(s) failed with 1 error(s)",\n' +
' "items": [\n' +
' {\n' +
' "error": {\n' +
' "description": "Insufficient permissions; permission \\"create\\" required",\n' +
' "permission": "create",\n' +
' "type": "insufficientPermissionsError"\n' +
' },\n' +
' "index": 0\n' +
' }\n' +
' ],\n' +
' "type": "mutationError"\n' +
' }\n' +
'}',
details: {
description: 'Mutation(s) failed with 1 error(s)',
items: [ [Object] ],
type: 'mutationError'
}
}
Jul 25, 2023, 9:16 AM
You’ll need to include a token in order to write to your dataset from outside of the Studio.
Jul 25, 2023, 6:12 PM
J
Yeah thank you. I already solved this issue. I just forgot to include the env variables of token
Jul 26, 2023, 11:19 AM
Sanity– build remarkable experiences at scale
Sanity is a modern headless CMS that treats content as data to power your digital business. Free to get started, and pay-as-you-go on all plans.