DSAR-BE-1002: AUTH_APPROVER_ROLE

Alpha

DSAR is currently in alpha. APIs, package surfaces, configuration, and documentation may change as the project evolves.

Meaning

The actor is authenticated but does not have the role required for an approver-only operation.

Probable Causes

Request uses a member-level actor for an admin/approver endpoint.
Role propagation in gateway/session layer is incorrect.

How to Fix

Use a bearer token whose resolved identity has a role that is allowed for the operation (for example, admin).
Verify the role mapping between your identity provider or token resolver and DSAR.

Retryable

No. Retry only after changing actor role context.

Minimal Trigger Example

POST /api/v1/policies/custom/register HTTP/1.1
Host: localhost:4086
Authorization: Bearer member-token
content-type: application/json

{"jurisdiction":"uk","name":"custom-policy","version":"1.0.0","metadata":{"changelog":"init","compatibilityNotes":"none","releaseType":"minor"},"pack":{"jurisdiction":"uk","version":"1.0.0","effectiveAt":"2026-01-01T00:00:00.000Z","packId":"pack-uk-1","sections":{}}}