Getting a 403 Forbidden error message (invalid S3 bucket permissions?!) Stitch SPA - I cannot fix this!

I’m getting this error when I reload on any page in my SPA:

403 Forbidden

Code: AccessDenied
Message: Access Denied
RequestId: 46FED9D915F5AFAC
HostId: YRrZ4uibB6saqH9KwvZo1q+MXEAxjX9rEj+mSJDxyhfKUtXEPW8yQ8gWjaFMHKuG0y3c+hMrp94=

I should be getting 200 replies to my SPA urls

No combination of disabling/enabling hosting and various other settings toggles fixes this. I’m guessing it’s an internal Stitch bug.

Is this a borked S3 Bucket permissions issue?!

I’m dead in the water, help!

Hi Anthony,

Just to clarify the issue, are you saying that you can access a page (i.e. but when you reload the browser you’re getting the 403 forbidden error ?

Does the error message elaborate more on what it’s trying to access i.e. perhaps a .js file ?


The index.html page serves and pulls in all the linked css and js files fine, but when I reload a SPA url e.g. /auth/sign-in instead of replying with the code 200 and serving up the index.html page allowing the SPA to handle the url it gives me the code 403. I know Stitch utilizes S3 under the hood and this is what an error message looks like when permissions are set incorrectly. Maybe something went wrong when uploading new files? I don’t know but I can’t fix it through the Stitch UI.

HI @Anthony_McLaughlin,

Just to clarify, the error was triggered when you are accessing your page from [yourapp], and programmatically reloading to page to a relative page /auth/sign-in ?

Could you confirm whether you are still encountering this issue right now?



If I was on say [app] and refreshed the page with the browser it would return the Error 403 page outlined in my original post instead of a code 200.

It eventually went away after a few days. I have no idea how it got fixed.