The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource.
Unlike 401, the client's identity is known to the server.
Typically, this will occur when an authenticated user does not have sufficient user access privileges for the given resource. A standard user account may receive a 403 when trying to access a super user resource.