- Why do I receive a 401 Unauthorized when making an API request?
- Why are my API requests rejected with an authentication error?
If you are receiving an authentication error or a 401 Unauthorized HTTP response when trying to make an API request to the Nexmo Voice API, then there is likely an issue with the JWT in your HTTP header.
To ensure you are minting your JWT correctly, check you are doing the following:
- generating a valid IAT (issued at time)
- using the correct application_id
- using the correct private key for your application
Remember: The Private Key is only generated when you create the application using the Application API. You must store this Private Key securely, as Nexmo does not store this.
If you are generating new public and private keys using the Nexmo Dashboard, always click on "Save changes" after generating the new public and private key.
If you are still experiencing issues with authenticating your request, we recommend creating a new application and using the new application_id and private key to mint your new tokens.
You can also check your JWT at jwt.io, where you can enter your token and secret to ensure the token is both valid and live.
You can find information on how Nexmo uses JWTs for authentication in our documentation:
JSON Web Tokens (JWT)