What this error means
OpenAI returns 401 when the API key is missing, malformed, revoked, or scoped to the wrong org or project.
How to fix it
- Confirm the Authorization: Bearer header carries a current key
- Rotate the key if it may be leaked or revoked
- Check the org and project the key is scoped to
Example error message
{
"error": {
"message": "Your authentication token has been invalidated. Please try signing in again.",
"type": "invalid_request_error",
"code": "invalid_authentication"
}
}Also seen as
The same underlying error surfaces with these messages across providers and SDKs:
Incorrect API key provided.
Frequently asked
Why did a working key suddenly 401?
Keys 401 the moment they are rotated or revoked, or if the project they belong to is deleted.