I’ve added the error to that document, thanks for pointing it out. It typically occurs when the user is not following the author of the tweet, and that author also protects their tweets.
When you encounter a more specific error code you do not anticipate, it’s best to just base logic around the overall HTTP error code; HTTP 403 indicates that the authenticating context is understood, but either the user or the application are not permitted to complete the request.
