# API02005: Insufficient Permissions

## What This Means[​](#what-this-means "Direct link to What This Means")

Your user account lacks the specific WordPress capabilities required for this action. While you have basic access, the particular operation you're attempting needs additional permissions.

## Common Causes[​](#common-causes "Direct link to Common Causes")

* **Limited user role** — Your role doesn't include all needed capabilities
* **Capability not assigned** — A specific capability is missing from your role
* **Plugin restrictions** — A security plugin is limiting capabilities
* **Custom role issues** — Custom roles may be missing capabilities

## Server Error Mapping[​](#server-error-mapping "Direct link to Server Error Mapping")

This error code is triggered when the server returns:

| Server Code                      | Source                         |
| -------------------------------- | ------------------------------ |
| `rest_forbidden`                 | WordPress REST API             |
| `rest_cannot_create`             | WordPress REST API             |
| `rest_cannot_edit`               | WordPress REST API             |
| `rest_cannot_delete`             | WordPress REST API             |
| `woocommerce_rest_cannot_create` | WooCommerce REST API           |
| `woocommerce_rest_cannot_edit`   | WooCommerce REST API           |
| `woocommerce_rest_cannot_delete` | WooCommerce REST API           |
| HTTP 403                         | Any server response (fallback) |

## How to Fix[​](#how-to-fix "Direct link to How to Fix")

### 1. Review Required Capabilities[​](#1-review-required-capabilities "Direct link to 1. Review Required Capabilities")

Common capabilities needed for POS operations:

* `manage_woocommerce` — General WooCommerce management
* `edit_shop_orders` — Create and edit orders
* `edit_products` — Modify product information
* `edit_users` — Manage customer accounts

### 2. Upgrade User Role[​](#2-upgrade-user-role "Direct link to 2. Upgrade User Role")

Ask an administrator to assign a more capable role:

* **Shop Manager** — Full WooCommerce access
* **Administrator** — Full site access

### 3. Add Specific Capabilities[​](#3-add-specific-capabilities "Direct link to 3. Add Specific Capabilities")

If you need a custom role, add required capabilities:

```
// Example: Add POS capabilities to a custom role

$role = get_role('your_custom_role');

$role->add_cap('manage_woocommerce');

$role->add_cap('edit_shop_orders');
```

### 4. Check Plugin Conflicts[​](#4-check-plugin-conflicts "Direct link to 4. Check Plugin Conflicts")

Some security or role management plugins may restrict capabilities:

* Review plugin settings
* Check for capability filters
* Temporarily disable to test

## Related Errors[​](#related-errors "Direct link to Related Errors")

* [API02004](/error-codes/API02004.md) — User Not Authorized
* [API02010](/error-codes/API02010.md) — Auth Required