Menu

401 Unauthorized Authentication Error When Making API Requests


Symptom

When making an API request, the request is rejected with a 401 Unauthorized authentication error.

Applies To

  • Voice API
  • API Requests
  • JSON Web Token (JWT)

Resolution

To ensure that you are minting your JSON Web Token (JWT) correctly, ensure that you are doing the following:

  • Generating a valid IAT (issued at time)
  • Using the correct application_id
  • Using the correct private key associated to the application

Remember: The Private Key is generated only when the application is created using the Application API. This Private Key must be stored securely, as Vonage does not store this.

If new public and private keys are generated using the Vonage API Account Dashboard, make sure to click Save Changes after the new Public Key and Private Key generation.

If you still experience issues with authenticating your request, it's recommended to create a new application and use the new application_id and Private Key to mint your new tokens.

You can check your JWT at jwt.io. Enter your token and secret to ensure the token is both valid and live.

If you experience issues with your established token, review your server synchronize time.

Cause

This usually occurs when there is an issue with the JWT in the HTTP header.

Additional Information

For more information on how Vonage APIs use JWTs for authentication, see our developer guide on Authentication using JSON Web Tokens (JWT).

Was this article helpful?
0 out of 1 found this helpful
Follow
Have more questions? Submit a request