Cannot access gated repo for pyannote/speaker-diarization-3.1/ restricted and you are not in the authorized list

Beginners
1

TLDR:

  1. I want to use the “pyannote/speaker-diarization-3.1” model.
  2. I’ve set up an account and gotten authorization to use the model, confirmed by the model page and my API token page.
  3. The API token I’m using is full “READ”
  4. I’ve triple-checked everything’s right on my end, cleared caches, regenerated tokens, etc
  5. The huggingface site stubbornly refuses to let me access the model.

It’s probably some “gotcha” someone else on the forum could help me sort-out in 3 sentences …but darn-it, I need to get my Holiday Karaoke on (using this model).

:rofl:

Since I’ve already burned three hours debugging this, here’s the whole thing written up as a formal bug report. If there’s actually a bug, maybe it’ll help.

Gated model access “Accepted” in UI. Token valid. API metadata accessible. Endpoint /resolve/* incorrectly returns 403 GatedRepo on [pyannote/speaker-diarization-3.1]

Summary

I have accepted access to the gated model pyannote/speaker-diarization-3.1 (Requested via UI; Granted), and I’m using a valid READ token (verified using whoami).

Despite this:

  • huggingface API metadata for the model is accessible using my token: [GET /api/models/...] returns JSON successfully)
  • But file resolution via the [/resolve/main/...] endpoint returns a 403 Forbidden with x-error-code: GatedRepo- and the response text “not in authorized list”.

This happens using both :

  • curl with the Authorization: Bearer <token> header and with
  • huggingface_hub.hf_hub_download [..., token=<token>] with explicit token passed in code.

Now …this strongly suggests some sort of server-side entitlement / gating issue between huggingface’s metadata APIs and resolver/download endpoints (as opposed to “something’s wrong on my end”).

My Environment

  • OS: macOS Catalina 10.15.7 (x86_64) - Yes I need to upgrade (OpenCore for the win) :joy:
  • Python: 3.9.6 (/usr/local/bin/python3)
  • huggingface_hub: installed via pip
  • Token: READ token (not fine-grained)
  • Account: username mischivus (and yes, my email is verified)

Expected behavior

I’d generally expect that once access is marked as Accepted in the site UI for [pyannote/speaker-diarization-3.1], and three hours have passed …that authenticated requests with a valid token should allow downloading repository files such as:

https://huggingface.co/pyannote/speaker-diarization-3.1/resolve/main/config.yaml

…using hf_hub_download.

Actual behavior

The model page and gated-repo settings show access as Accepted, but /resolve/... returns:

  • HTTP 403
  • x-error-code: GatedRepo
  • x-error-message: Access to model pyannote/speaker-diarization—3.1 is restricted and you are not in the authorized list. Visit https://huggingface.co/pyannote/speaker-diarization-3.1 to ask for access.

Evidence: Access status in UI

From:
https://huggingface.co/settings/gated-repos

Accepted entries include:

  • pyannote/segmentation
  • pyannote/speaker-diarization-3.0
  • pyannote/speaker-diarization-3.1

gated-repo-status
gated-repo-status1900×574 52.7 KB

Additionally:

  • I explicitly requested access to pyannote/speaker-diarization-3.1 via the model page, and the UI indicates it was granted.

Reproduction steps

Step 1 — Verify token is valid and maps to my account

printf "Paste HF token (hidden): " && read -r -s HF_TOKEN && echo \
  && curl -sS -H "Authorization: Bearer ${HF_TOKEN}" \
     "https://huggingface.co/api/whoami-v2"

Output (truncated)

{"type":"user","id":"[REDACTED]","name":"mischivus","fullname":"[REDACTED]","email":"[REDACTED}@[REDACTED].com","emailVerified":true,...}

So the token is valid and authenticates successfully.

Step 2 — Confirm the model’s metadata is accessible via authenticated API

printf "Paste HF token (hidden): " && read -r -s HF_TOKEN && echo \
  && curl -sS -H "Authorization: Bearer ${HF_TOKEN}" \
     "https://huggingface.co/api/models/pyannote/speaker-diarization-3.1" \
  | python3 -m json.tool | sed -n '1,200p'

Output highlights:

  • "id": "pyannote/speaker-diarization—3.1”
  • "gated": "auto"
  • siblings includes "config.yaml"

So the API acknowledges the repo and lists the file.

Step 3 — Attempt to download config.yaml via /resolve/ with curl (fails)

printf "Paste HF token (hidden): " && read -r -s HF_TOKEN && echo \
  && curl -sS -D- -o /dev/null \
     -H "Authorization: Bearer ${HF_TOKEN}" \
     "https://huggingface.co/pyannote/speaker-diarization-3.1/resolve/main/config.yaml" \
  | sed -n '1,40p'

Response Headers (relevant lines):

HTTP/2 403
x-error-code: GatedRepo
x-error-message: Access to model pyannote/speaker-diarization-3.1 is restricted and you are not in the authorized list. Visit https://huggingface.co/pyannote/speaker-diarization-3.1 to ask for access.

So the resolver endpoint denies access.

Step 4 — Attempt the same download via huggingface_hub with an explicit token (fails)

python3 - <<'PY'
import getpass
from huggingface_hub import hf_hub_download

token = getpass.getpass("Paste HF token (input hidden): ").strip()

path = hf_hub_download(
    repo_id="pyannote/speaker-diarization-3.1",
    filename="config.yaml",
    token=token,   # explicit; no cache/env reliance
)
print("OK downloaded to:", path)
PY

Traceback (relevant lines):

requests.exceptions.HTTPError: 403 Client Error: Forbidden for url:
https://huggingface.co/pyannote/speaker-diarization-3.1/resolve/main/config.yaml

huggingface_hub.utils._errors.GatedRepoError: 403 Client Error.

Cannot access gated repo for url https://huggingface.co/pyannote/speaker-diarization-3.1/resolve/main/config.yaml.
Access to model pyannote/speaker-diarization-3.1 is restricted and you are not in the authorized list.

What I ruled out

“Python stack isn’t sending the token I think it is”

Ruled out by:

  • Passing token explicitly to hf_hub_download(..., token=token) (no cached token usage),
  • And reproducing the same 403 GatedRepo with curl where the header is explicitly set.

“Token invalid”

Ruled out by:

  • Successful GET https://huggingface.co/api/whoami-v2 using the same token.

“Model doesn’t exist / typo”

Ruled out by:

  • Successful GET https://huggingface.co/api/models/pyannote/speaker-diarization-3.1 showing the repo metadata and listing config.yaml.

Ask

Could Hugging Face staff verify that my account is correctly authorized for
pyannote/speaker-diarization-3.1 at the resolver endpoint, and whether there is a
known entitlement cache or propagation issue for auto-gated repos?

Does anyone on the forum know about this problem and have a workaround?

Thanks!

^M^

1 Like
2

Hmm…

Solutions and workarounds to try (in order)

1) Accept the two required gated repos (not just one)

Do this in the browser while logged in:

  • Accept pyannote/speaker-diarization-3.1 conditions. (Hugging Face)
  • Accept pyannote/segmentation-3.0 conditions. (Hugging Face)

If you only accepted some older or unversioned segmentation repo, that is often not enough for the 3.x pipeline. The 3.1 model card explicitly requires segmentation-3.0. (Hugging Face)

2) Create a fresh fine-grained token and enable gated-download permission

This specific 403 pattern is frequently fixed by a token setting described as:

  • “Enable access to public gated repositories” (GitHub)
  • “Read access to contents of all public gated repos you can access” (Hugging Face Forums)

Action:

  • Create a brand-new fine-grained token.
  • Ensure that “public gated repos” read access is enabled.

Why: the common failure is whoami works and file listing works, but /resolve/... is blocked until this token permission is enabled. (GitHub)

3) Re-login on the machine where you run the code

If you run in Colab, Docker, a server, or a CI job, do a clean auth:

huggingface-cli login

This is a standard fix path for 403 issues. (Hugging Face Forums)

4) Pass the token explicitly in code (bypasses “wrong env token” issues)

Use the pattern shown on the model card:

from pyannote.audio import Pipeline

pipeline = Pipeline.from_pretrained(
    "pyannote/speaker-diarization-3.1",
    use_auth_token="YOUR_HF_TOKEN"
)

That is the official usage snippet for this model. (Hugging Face)

5) Clear Hugging Face cache and re-auth (especially on Colab)

If token settings look correct but the runtime still 403s, clear cached auth and re-login:

from huggingface_hub import logout, login
logout()
!rm -rf ~/.cache/huggingface
login()

This exact workaround resolved a similar “whoami OK but /resolve 403” case. (Hugging Face Forums)

6) Sanity-test with a single /resolve download (fastest truth check)

If this succeeds, your Python should succeed too:

export HF_TOKEN="hf_xxx"
curl -fL -H "Authorization: Bearer $HF_TOKEN" \
  "https://huggingface.co/pyannote/speaker-diarization-3.1/resolve/main/config.yaml" \
  -o /tmp/config.yaml

If this fails with the “enable access to public gated repositories” message, go back to step 2. (GitHub)

7) “Toggle fix” for token UI oddities

One user fixed their gated access by re-toggling token permissions so the gated-read checkbox was properly applied again (they mention unchecking write access caused the gated-read checkbox to “re-highlight,” then it worked). (Hugging Face Forums)

Summary

  • Accept both required repos: diarization-3.1 and segmentation-3.0. (Hugging Face)
  • Use a fresh fine-grained token with “public gated repos” read enabled. (GitHub)
  • Re-login and, if needed, clear ~/.cache/huggingface then login again. (Hugging Face Forums)