Token missing update permission despite no option in Sanity API settings
I understand your frustration! This is actually a common point of confusion about how Sanity API tokens work. The key thing to understand is that tokens don't have permissions listed directly on them - instead, they inherit permissions from the role assigned to the token.
When you see errors mentioning "update" permission, it means your token is assigned a role that doesn't include write permissions (like "Viewer" which is read-only). Here's how to fix this:
The Solution
- Go to Sanity Manage (or run `npx sanity@latest manage` from your project)
- Navigate to the API tab
- Create a new token and assign it the "Editor" role (or another role with write permissions)
- Replace your old token with this new one in your environment variables
Understanding Token Permissions
As explained in the API tokens documentation, tokens work like this:
- Viewer role = read-only access (no create/update/delete)
- Editor role = full read and write access
- Custom roles = whatever permissions you've configured
The confusing part is that when you look at the token in Manage, you won't see a checkbox list of permissions like "read", "update", "delete" - you just see the role name. The permissions are defined by that role.
Important Security Note
If you need write access (update/create/delete), make sure you're using this token only on the server-side or in Sanity Functions, never in client-side/frontend code. Write tokens should be kept in environment variables and never exposed to browsers.
If you're still seeing issues after creating an Editor token, double-check that:
- You're using the new token (not the old one)
- Your environment variables are properly loaded
- You've restarted your dev server after updating the token
Hope this clears things up!
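A preflight check for the checklist and security note above, as an added example that is not part of the original answer. The variable name `SANITY_WRITE_TOKEN` and the sample values are assumptions; run it server-side before the first write call.

```javascript
// Added example, not from the original answer. SANITY_WRITE_TOKEN is an assumed
// variable name; the env objects in the sample calls below are constructed.

// Prefixes that common toolchains inline into browser bundles.
const BROWSER_EXPOSED_PREFIXES = ['NEXT_PUBLIC_', 'VITE_', 'REACT_APP_', 'GATSBY_', 'SANITY_STUDIO_'];

function checkWriteToken(env, tokenVar = 'SANITY_WRITE_TOKEN', inBrowser = typeof window !== 'undefined') {
  const problems = [];
  if (inBrowser) problems.push('running in a browser: write tokens belong on the server');

  if (BROWSER_EXPOSED_PREFIXES.some((p) => tokenVar.startsWith(p))) {
    problems.push(`${tokenVar} uses a prefix that is bundled into client code`);
  }

  const raw = env[tokenVar];
  if (raw === undefined || raw.trim() === '') {
    problems.push(`${tokenVar} is not loaded (check the .env file and restart the server)`);
    return { ok: false, problems, tail: null };
  }
  if (raw !== raw.trim() || /^["'].*["']$/.test(raw)) {
    problems.push(`${tokenVar} has stray whitespace or quotes around the value`);
  }

  // The same secret copied into a browser-exposed variable leaks it just as well.
  for (const [name, value] of Object.entries(env)) {
    if (name !== tokenVar && value === raw && BROWSER_EXPOSED_PREFIXES.some((p) => name.startsWith(p))) {
      problems.push(`${name} exposes the same token to the browser`);
    }
  }

  // Last four characters only: enough to tell the old token from the new one in logs.
  return { ok: problems.length === 0, problems, tail: raw.trim().slice(-4) };
}

// Constructed sample values, not real tokens.
const good = checkWriteToken({ SANITY_WRITE_TOKEN: 'skEXAMPLEnewtoken0001' }, 'SANITY_WRITE_TOKEN', false);
const leaked = checkWriteToken(
  { SANITY_WRITE_TOKEN: 'skEXAMPLEnewtoken0001', NEXT_PUBLIC_SANITY_TOKEN: 'skEXAMPLEnewtoken0001' },
  'SANITY_WRITE_TOKEN', false);
const missing = checkWriteToken({}, 'SANITY_WRITE_TOKEN', false);
console.log(good, leaked, missing);
```

Comparing the logged `tail` before and after a restart shows whether the process actually picked up the new token.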