authentication_error
API authentication errors — missing, invalid, or expired credentials
HTTP status: 401
Category: API authentication
What this error means
The Wocha API could not authenticate your request. The caller identity — management API key, OAuth access token, or bearer token — was missing, invalid, expired, or rejected by the auth subsystem.
This is a category-level error. Specific codes include unauthorized, invalid_key, expired_key, key_revoked, token_inactive, auth_failed, and introspection_failed.
Common causes
- Missing or malformed
Authorization: Bearer …header - Management API key does not match the configured tenant (
WOCHA_TENANT) - API key was revoked or has passed its
expires_atdate - OAuth access token expired or was revoked
- Transient failure in the authentication subsystem (
auth_failed)
How to fix it
- Verify
WOCHA_API_KEYandWOCHA_TENANTin your environment match a valid key in Console → Settings → API keys. - Confirm the key has not expired or been revoked; rotate if needed.
- For OAuth tokens, refresh the access token or re-run the authorisation flow.
- Do not retry indefinitely — fix credentials first. Only
auth_failedmay warrant a single retry. - Include
request_idfrom the error when contacting support.