Skip to content
Demo App Docs

invalid_api_key (401)

← Error reference

invalid_api_key

HTTP status: 401

Retryable: No — retrying without changes will fail the same way.

The API key is malformed, unknown, expired, or revoked.

When it fires

The supplied key cannot be verified. The message is intentionally identical to `authentication_required` — we do not reveal *why* a key is rejected.

How to handle it

Rotate the key from the console. If the rotation completed without the integration noticing, redeploy with the new key in your secret store.

Example response

{
  "error": {
    "type": "https://docs-dev.autohost-dev.uk/api/errors/invalid_api_key",
    "code": "invalid_api_key",
    "message": "Invalid or missing API key",
    "request_id": "req_01HEXAMPLE0000000000000000",
    "doc_url": "https://docs-dev.autohost-dev.uk/api/errors/invalid_api_key"
  }
}