Thrown when the authenticated user does not have permission
to perform the requested operation.
Common cause — merchant login with the wrong account role:POST /v1/auth/merchant/login/email and POST /v1/auth/merchant/login/google
return 403 Forbidden (not 401) when the credentials are valid but the
account has no merchant store associations (e.g. a buyer account used on the
merchant endpoint). The err.message will be:
"This account does not have merchant access. Use a merchant or owner account."
Use a different account or ask a store owner to add your account as a member.
try { awaitclient.merchant.auth.loginWithGoogle({ id_token }) } catch (err) { if (errinstanceofForbiddenError) { // Credentials were valid but account has no merchant store access. // err.message → "This account does not have merchant access. Use a merchant or owner account." console.error('Wrong account role:', err.message) } elseif (errinstanceofAuthError) { // Bad credentials or expired token — re-authenticate. console.error('Authentication failed:', err.message) } }
Thrown when the authenticated user does not have permission to perform the requested operation.
Common cause — merchant login with the wrong account role:
POST /v1/auth/merchant/login/emailandPOST /v1/auth/merchant/login/googlereturn403 Forbidden(not401) when the credentials are valid but the account has no merchant store associations (e.g. a buyer account used on the merchant endpoint). Theerr.messagewill be:"This account does not have merchant access. Use a merchant or owner account."Use a different account or ask a store owner to add your account as a member.
Example
Example