You don't have permission to access this resource

Dear team,

I migrated fril v4 to v5 (latest version) with php 8.1 and mysql 8

I may have made a mistake by entering the new url without the /public, i entered only the old site was
well, all went fine, all the data was migrated to the new version. clients, invoices, users, products… payments, all is there…
I have changed no permissions in any folder! that also may be a mistake!
my problem is that whenever I made a change, for example under my company, there is an error telling that my company is not activated, I click on that i leads me to the page to activate it, it activate and click save, i got this error message:
Error: please check that Invoice Ninja v5 is installed on the server



403 Forbidden


You don't have permission to access this resource.

Headers: {content-length: 199, content-type: text/html; charset=iso-8859-1, date: Mon, 24 Apr 2023 17:49:11 GMT, server: Apache, strict-transport-security: max-age=63072000; includeSubDomains}}

P.S: I used the same email for both installation in v4 and v5! that also may be a mistake!

Any help about this!
Thank you and sorry if this is a repeated topic! i didn’t find something similar!


@david any thoughts?

I found this in the larave.log
[2023-04-22 23:08:28] production.INFO: db fails
[2023-04-22 23:15:50] production.INFO: SQLSTATE[42000]: Syntax error or access violation: 1142 CREATE command denied to user ‘…’@‘x.x.x.x’ for table ‘migrations’ (SQL: create table migrations (id int unsigned not null auto_increment primary key, migration varchar(191) not null, batch int not null) default character set utf8mb4 collate ‘utf8mb4_unicode_ci’ engine = InnoDB)
[2023-04-23 20:24:23] production.INFO: Importing account
[2023-04-23 20:24:23] production.INFO: Importing company
[2023-04-23 20:24:24] production.INFO: Importing users
[2023-04-23 20:24:24] production.INFO: Importing payment_terms
[2023-04-23 20:24:24] production.INFO: Importing tax_rates
[2023-04-23 20:24:24] production.INFO: Importing clients
[2023-04-23 20:24:51] production.INFO: Importing company_gateways
[2023-04-23 20:24:51] production.INFO: Importing client_gateway_tokens
[2023-04-23 20:24:51] production.INFO: Importing vendors
[2023-04-23 20:24:51] production.INFO: Importing projects
[2023-04-23 20:24:51] production.INFO: Importing products
[2023-04-23 20:24:52] production.INFO: Importing credits
[2023-04-23 20:24:52] production.INFO: Importing recurring_invoices
[2023-04-23 20:24:52] production.INFO: Importing invoices
[2023-04-23 20:25:05] production.INFO: Importing quotes
[2023-04-23 20:25:05] production.INFO: Importing payments
[2023-04-23 20:25:20] production.INFO: Importing expense_categories
[2023-04-23 20:25:20] production.INFO: Importing task_statuses
[2023-04-23 20:25:20] production.INFO: in task statuses
[2023-04-23 20:25:20] production.INFO: finished task statuses
[2023-04-23 20:25:20] production.INFO: Importing expenses
[2023-04-23 20:25:20] production.INFO: Importing recurring_expenses
[2023-04-23 20:25:20] production.INFO: Importing tasks
[2023-04-23 20:25:20] production.INFO: Importing documents
[2023-04-23 20:25:25] production.INFO: Completed​:rocket::rocket::rocket::rocket::rocket: at 2023-04-23 20:25:25

but in the database, there is the table “migrations” with so many entries!

This is most likely a 403 from Apache and its configuration, perhaps AllowOverride is not enabled for this directory?

CREATE command denied to user ‘…’@‘x.x.x.x’ for table ‘migrations’ (

This one indicates a permission / grant level error with the DB user.

The user has administrator rights to that database! if the server denied the access why there is a table “migrations” in the database with so many entries!
I will check all rights and let you know.
can it be a folder permission!

Can’t figure the reason why it is only that table "migrations’ that is denied access to! It contains a lot of entries! so something was written there!
Do you think that being unable to make changes (saving) has something to do with that table!


I don’t think the 403 relates to your migrations issue. the 403 would be due to a mis configuration in Apache.

So Why it is only that table "migrations’ not other tables as well if there is a misconfiguration!
it seems as if saving is not working! maybe i did something wrong!
I used the same email and password for both v4 and v5, do you think during the migration that caused a conflict!
I run the query “show grants” on my db, and the result was this:
GRANT USAGE ON . TO svhrech@%
GRANT ALL PRIVILEGES ON svhrech.* TO svhrech@%
I restarted the sql servver and set to default! same thing!

@david @hillel
Few more info:

  1. I upgraded from v4 version v4.5.45 … (did I have to update to the latest version before upgrading to the V5)
  2. In the new V5 installation, I can create clients, products, invoices and even users…
    But if I make a change (edit) and I want to save I get that error!
    I created for example a user, and then I wanted to make it admin, but when I click “save”, I got that error! Same with a client, i create it, and click save, it works and the client is added, but if I want to edit it, i click on edit, i do the changes, but when I click on “edit”, i got that error!
    Should I try a new fresh installation in a different DB!

@hillel @david
I updated the v4 to the lastest one v4.5.50.
I reinstalled all from new for v5 with new database!
I got the same access denied message even if i try to save anything in the new company! how come that the error starts with “Error: please check that Invoice Ninja v5 is installed on the server”
If i try to add a new company! i can’t and I have the same error message!
I started the migration from v4 to v5! but this time I got the error 500|server error.
Any feedback!

Are there any details about the 500 error in storage/logs?

larvel.log from v4
2023-05-01T18:26:36.074995+00:00] production.ERROR: GuzzleHttp\Exception\ClientException [403] : /home/xxxx/www/rechnung/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php [Line 113] => Client error: POST resulted in a 403 Forbidden response: 403 Forbidden

Forbidden (truncated…) {“context”:“PHP”,“user_id”:1,“account_id”:1,“user_name”:“SV Herschfeld”,“method”:“POST”,“user_agent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36”,“locale”:“en”,“ip”:“…”,“count”:2,“is_console”:“no”,“is_api”:“no”,“db_server”:“mysql”,“url”:“migration/auth”} []
[2023-05-01T18:26:36.083552+00:00] production.ERROR: [stacktrace] 2023-05-01 06:26:36 Client error: POST resulted in a 403 Forbidden response: 403 Forbidden

Forbidden (truncated…) : #0

@david do you have any suggestions?

Have you configured the first account in v5? When you configured v5 for the first time, you would have created an account with the same email/password combination that you use in v4?

Yes same user and password as v4.