403 Forbidden When Updating User Data

I'm trying to update a user's custom field.

API Url Path: /api/users/7 (this user exists, double-checked)

Json body:

	"cust_id": "test2"

I have included Content-Type: application/json and the correct Authorization header information in my request.

The source code response of this request is as follows:

403 Forbidden


You don't have permission to access /api/users/7 on this server.


Given it's a 403 versus a 404, I'd suggest you check the file ownership/permissions of your api.php file in the root of your store. If you get a 404 page on a GET, you may have to disable mod_security for the API to work.