Skip to content

Unauthorized

URI: https://docs.ankatech.co/errors/unauthorized
HTTP Status: 401 Unauthorized

When you see this

The request lacks valid authentication credentials or the provided credentials could not be verified. You must authenticate before accessing this resource.

Common Causes

  • Missing authentication headers
    No Authorization header or API key was provided in the request.

  • Invalid credentials
    The provided API key, JWT token, or other credentials are incorrect or malformed.

  • Expired token
    Your JWT access token has expired and needs to be refreshed.

  • Revoked credentials
    The API key or token has been revoked due to security reasons or administrative action.

  • Wrong authentication method
    Using an incorrect authentication scheme (e.g., Basic auth when Bearer token is required).

How to Resolve

  1. Verify authentication headers
  2. Ensure the Authorization header is included in your request.

  3. Check the format: Authorization: Bearer <token> or X-API-Key: <key>.

  4. Validate credentials

  5. Confirm your API key or token is correctly copied without extra spaces.

  6. Verify credentials haven't been accidentally truncated or modified.

  7. Refresh expired tokens

  8. Use the refresh token endpoint to obtain a new access token.

  9. Implement automatic token refresh in your application.

  10. Request new credentials

  11. If credentials are revoked, contact your administrator for new ones.

  12. Generate new API keys through the admin console if you have access.

  13. Check authentication method

  14. Review the API documentation for the correct authentication scheme.
  15. Ensure you're using the appropriate credential type for the endpoint.

Response Example

{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "detail": "Invalid or missing authentication credentials",
    "timestamp": "2025-01-15T10:30:00Z",
    "traceId": "550e8400-e29b-41d4-a716-446655440000",
    "type": "https://docs.ankatech.co/errors/unauthorized"
  }
}

Authentication Methods

AnkaSecure API supports the following authentication methods:

  • JWT Bearer Token: For user and service authentication
  • API Key: For programmatic access via X-API-Key header
  • mTLS: For certificate-based authentication (specific endpoints)

If you continue to receive a 401 error after these steps, please verify your account status and consult the full API Reference.