Smart action throws 403 error

Feature(s) impacted

Smart action with name “Send password reset email”

Observed behavior

When we use this action, it throw an error (403) with “permission denied” (in dev tools)

Expected behavior

Action works correct without error throwing

Failure Logs

copy pasted error from dev tools:

  1. detail: “Forbidden”
  2. name: “ForbiddenError”
  3. status: 403


  • Project name: ytech_admin
  • Team name: Operations
  • Environment name: Production / Client (on Staging / local dev branches all work)
  • Agent type & version: “forest-express-mongoose”: “^8.7.8”
  • Recent changes made on your end if any: no changes

I tried to change smart actions URL - this not help. Also, toggling action permission (on/off) do same effect and not help.

So, I resolved this issue, but, I don’t need resolving like this

If we remove “update” permission from collection (which this action affect), action throws 403 and not work. But if we add “update” permission - it works. I need to make this action work with removed “update” permission, how can I do that? And how this can be connected o_o

Hello @heyMakar

I’m not sure I understand your issue

Is your post related to this one? Smart Action Route does not handle `permissionMiddlewareCreator.update()` on v9 - #2 by romaing

I just noticed we’ve use smart actions without .smartAction() middleware ><

Thanks, that helps to resolve my issue