← TroubleshootingAuthenticationInvalid token
Symptoms
- `401` responses
- All requests rejected
Likely causes
- Using the key_prefix (the short `nxk_live_AbC123…` shown in the Developers table) instead of the full token
- Mistyped or revoked token
- Missing `Authorization` header
- Using the key in the wrong environment
How to fix
- Use the FULL token shown once at creation — not the key_prefix in the table (the prefix is only an identifier and cannot authenticate)
- If the full token is lost, create a new key and copy it that one time
- Verify with `GET /api/public/v1/me` (200 = valid, returns scopes)
- Rotate if leaked