Sudo Required
This action requires a fresh re-authentication grant.
Status: 403
Type: https://brivo.ltd/docs/identity/api/errors/sudo-required
Some sensitive actions require the user to confirm their identity immediately before proceeding, even if they already have a valid session. This is called a sudo grant.
When this error is returned, the session is valid and the user has permission for the action, but the action requires a recent proof of identity before it will be allowed.
Flow
- The original request returns
403 sudo-requiredwith theactionname indetail. - Call
POST /auth/session/sudo(password) orPOST /auth/session/sudo/passkeywith the requiredaction. - On success, a
grantIdis returned. - Retry the original request with the header
X-Sudo-Grant: <grantId>.
Example
{
"type": "https://brivo.ltd/docs/identity/api/errors/sudo-required",
"title": "Forbidden",
"status": 403,
"detail": "Re-authentication required to perform \"delete-account\". Call POST /auth/session/sudo first."
}Actions that require sudo
Any destructive or sensitive operation may require a sudo grant. The detail field always names the specific action string to pass to the sudo endpoint.