If your API has a token validation interceptor and when calling it, we receive the status code 401-Unauthorized
, this indicates that the inserted token is invalid, this can be caused because:
It is wrong, expired or revoked
It does not have access to that resource/API
The token validation interceptors are: OAuth, Access Token validation, JWT Validation, Client ID Validation, CSRF Validation, Time Token Validation, Digital Signature |
The response of the API call tells us which element carries the invalid token.
In the case of being the
access_token
(expired/revoked/incorrect/no access to the called resource/not informed) the message will be:See Alsodiscord.js GuideInvalid Security TokenHow to resolve the Forbidden Invalid authenticity token error messageFixing 'The Security Token Included in the Request Is Invalid' Error: A Step-by-Step Guide - Cloud PatternsAccess Token in the request, identified by HEADER access_token, is invalid. Check docs.sensedia.com
In the case of being the
client_id
(expired/revoked/incorrect/no access to the called resource/not informed) the message will be:Client Id in the request, identified by HEADER client_id, is invalid. Check docs.sensedia.com
For the case of interceptors where the name of the element carrying the key (header, cookie, queryParam) is defined by the user, the message will be:
%s in the request, identified by HEADER %s, is invalid. Check docs.sensedia.com
In the General trace logs, we can find a more detailed breakdown of the error, indicating whether the token is wrong, expired, revoked or has no access to the resource.
If the token is wrong, expired or revoked, the trace will show the following log:
Access token in HEADER access_token HAS NOT BEEN FOUND (causes: is invalid, expired or revoked); rejecting call
If the token does not have access to the resource, the trace will show the following log:
Access token in HEADER access_token DOES NOT HAVE ACCESS TO THIS RESOURCE; rejecting call
Thanks for your feedback!
EDIT
Share your suggestions with us!
Click here and then [+ Submit idea]