Example
{
  "meta": {
    "requestId": "req_2c9a0jf23l4k567"
  },
  "error": {
    "detail": "The resource you are attempting to modify is protected and cannot be changed",
    "status": 403,
    "title": "Forbidden",
    "type": "https://unkey.com/docs/api-reference/errors-v2/unkey/application/protected_resource"
  }
}

What Happened?

This error occurs when you attempt to modify or delete a resource that is marked as protected in the Unkey system. Protected resources have special status that prevents them from being changed or removed, typically because they are system resources, defaults, or otherwise critical to proper system operation.

Common scenarios that trigger this error:

  • Attempting to delete a default API or workspace
  • Trying to modify system-created roles or permissions
  • Attempting to change protected settings or configurations
  • Trying to remove or alter resources that are required for system integrity

Here’s an example of a request that might trigger this error:

# Attempting to delete a protected default API
curl -X DELETE https://api.unkey.com/v1/apis.deleteApi \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer unkey_YOUR_API_KEY" \
  -d '{
    "apiId": "api_default_protected"
  }'

How To Fix

Since protected resources are deliberately shielded from modification, the solution is usually to work with or around them rather than trying to change them:

  1. Work with the protected resource: Use the resource as-is and build your workflows around it
  2. Create a new resource: Instead of modifying a protected resource, create a new one with your desired configuration
  3. Use alternatives: Look for alternative ways to achieve your goal without modifying protected resources
  4. Contact support: If you believe you have a legitimate need to modify a protected resource, contact Unkey support

For example, instead of deleting a protected API, you might create a new one:

curl -X POST https://api.unkey.com/v2/apis.createApi \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer unkey_YOUR_API_KEY" \
  -d '{
    "name": "My Custom API"
  }'

Important Notes

  • Protected resources are designated as such for system stability and security reasons
  • Even with admin or owner permissions, protected resources typically cannot be modified
  • This protection is separate from permission-based restrictions and applies even to workspace owners
  • The protection status of a resource is not typically exposed in API responses until you try to modify it

Was this page helpful?

Suggest editsRaise issue