Skip to main content

The magically descriptive error 401 Forbidden "message": "Access denied on creating field 'uid'.".  You probably can sense the love I have for this error.  This was a painful error that took a little while to resolve.  First off I also had this error display as:

  • "Access denied on creating field 'uid'
  • "Access denied on creating field 'name'
  • "Access denied on creating field 'entity_id'

And I would have had more if I continued down the resolution path I was on.  Anyway something had to change and I recognised that this 401 error came in play for me when I did one of the following with my REST request:

  • Added _embedded script
  • Added uid
  • Added name {as in username}

A couple of blogs I came across (not specifically targeting this issue) noted check your permissions.  What exactly is this permission issue... the permission issue is access denied.  This tripped me as authenticated users could already add comments directly to the site.  However, with REST you also need to check 'Administer comments and comment settings' against the authenticated user (go to and check).