SUMMARY OF PROBLEM: 403 forbidden message is incorrectly received when accessing profile API endpoint for existing character:
Tested with an EXISTING character on profile-us and get Error 200 (Good!)
Tested with an EXISTING character on profile-classic-us and get Error 403 (Bad!)
Tested with a NON-EXISTING character on profile-classic-us and get Error 404 (Good!)
To summarize the API is properly identifying characters that exist on a realm versus those that do by returning 404 for non existent characters, but instead of returning status 200 for existing ones like the API does on profile-us namespaces, it instead incorreclty returns 403.
EDIT: issue resolved, was using wrong namespace: for classic era you must use profile-classic1x-us NOT profile-classic-us.