Go Behind the Experience to see how Tecovas brings the West to life with Sanity 🤠 July 18th

Issue with updating a boolean value in a mutation resulting in a 403 error.

11 replies
Last updated: Feb 1, 2023
Hi All, I'm trying to a mutation to change a boolean true to false and getting this 403 error in the network tab
    "error": {
        "description": "Mutation(s) failed with 1 error(s)",
        "items": [
                "error": {
                    "description": "Insufficient permissions; permission \"update\" required",
                    "permission": "update",
                    "type": "insufficientPermissionsError"
                "index": 0
        "type": "mutationError"
My write token is editor so I'm not what else to try. Any help would be appreciated
Jan 26, 2023, 4:02 AM
This is the function I'm hoping makes the mutation
export async function decQuanity(id: string, token?: string | null): Promise<void> {
  if (projectId) {
    const client = createClient({
      token: token || undefined
    await client.patch(id).set({ forSale: false }).commit()

Jan 26, 2023, 4:07 AM
Hi User. What’s the context where you’re calling this function?
Jan 26, 2023, 6:00 AM
I'm using it in an onclick event. It's store where a painting is either for sale or not for defined by the boolean forSale. I was hoping that when someone adds the painting to the cart, I could could mutate the boolean to false so some else could not buy the paining.
Jan 26, 2023, 6:03 AM
Thank you. I’m not actually sure that
can take a write token (but I’m happy to be proven wrong). I’ll have to take a closer look tomorrow (unless you get an answer before that).
Jan 26, 2023, 6:24 AM
Thanks, have a good night
Jan 26, 2023, 6:27 AM
You too!
Jan 26, 2023, 6:27 AM
Good Morning, I tried this but still 403
export async function decQuanity(id: string): Promise<void> {
  const mutations = [
      patch: {
        set: {
          forSale: false
  if (client) {
    await client.patch(id).set({ mutations }).commit()
I have a token on the client = to

export const token = process.env.SANITY_API_WRITE_TOKEN

Jan 26, 2023, 4:10 PM
Ahhhh needed Next_Public_ on the env. Now just to get the patch event lined up with the schema
Jan 26, 2023, 4:16 PM
Hello User, easy peasy:

client.patch(id).set({ forSale: false }).commit()

Feb 1, 2023, 11:37 AM
You are mixing the http API for mutations with the client and thus setting your mutations array as an array called mutations with you patch object as an item. 😉
here is all you need
👉 https://www.sanity.io/docs/js-client#patch-update-a-document
Feb 1, 2023, 11:39 AM
Thank you
user J
, start easy peasy, then complicate your coding life, I like that. I had figured the set but hadn't thought to read the sanity client documentation so that is 🥇.
Feb 1, 2023, 4:02 PM

Sanity– build remarkable experiences at scale

Sanity is a modern headless CMS that treats content as data to power your digital business. Free to get started, and pay-as-you-go on all plans.

Was this answer helpful?