From 99ebad576b9cc49b9b259bfdb0f0aedb95ea0e9e Mon Sep 17 00:00:00 2001
From: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com>
Date: Tue, 16 Sep 2025 08:55:10 -0400
Subject: [PATCH] Added handling for unauth error (#5115)

---
 detection_rules/devtools.py | 9 +++++++++
 pyproject.toml              | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/detection_rules/devtools.py b/detection_rules/devtools.py
index a9d8f2b4c..19d059eaf 100644
--- a/detection_rules/devtools.py
+++ b/detection_rules/devtools.py
@@ -1050,6 +1050,15 @@ def update_navigator_gists(
             raise raise_client_error(
                 "Gist not found: verify the gist_id exists and the token has access to it", exc=exc
             ) from exc
+        if exc.response.status_code == requests.status_codes.codes.unauthorized:
+            text = json.loads(exc.response.text).get(
+                "message", "verify the token is valid and has the necessary permissions"
+            )
+            error_message = f"Unauthorized: {text}"
+            raise raise_client_error(
+                error_message,
+                exc=exc,
+            ) from exc
         raise
 
     response_data = response.json()
diff --git a/pyproject.toml b/pyproject.toml
index fba7e4f95..64929db2c 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "1.4.2"
+version = "1.4.3"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"