HTTP 401 Unauthorized

Authentication is missing or invalid for this request.

4xx · Client error✗ not retryable — fix the request instead

In AI APIs specifically

Anthropic expects the x-api-key header; OpenAI expects Authorization: Bearer. Mixing the two conventions is the classic cause. Revoked or rotated keys also land here.

Fix checklist

Verify the correct auth header for the provider.
Check the key is set in the environment the process actually reads.
Confirm the key wasn't rotated or revoked in the console.
Watch for whitespace/newlines accidentally included in the key.

Spec: RFC reference

Related status codes

400 Bad Request

The server cannot process the request due to a client error — malformed JSON, invalid parameters, or schema violations..

402 Payment Required

The request requires payment — billing is not set up or a balance is exhausted..

403 Forbidden

The server understood the request but refuses to authorize it — valid credentials, insufficient permission..

404 Not Found

The requested resource does not exist at this URL..

← All HTTP status codes