Common · shared
Unauthorized 401
Authentication is missing or invalid.
type
https://errors.swepay.com.br/common/unauthorized What this means
The request lacks valid authentication credentials. Either no credential was supplied, or the token presented is expired, malformed, or revoked.
This is about authentication (who you are), not authorization (what you may do). For the latter, see Forbidden.
Common causes
- No `Authorization` header was sent.
- The access token is expired or has been revoked.
- The token is malformed or signed by an unknown issuer.
How to resolve
Obtain a fresh access token from your identity provider and retry with a
valid Authorization: Bearer <token> header. If you manage tokens yourself,
refresh before expiry rather than waiting for a 401. Never log or echo the
token value.
Example response
HTTP 401 · application/problem+json
{
"type": "https://errors.swepay.com.br/common/unauthorized",
"title": "Unauthorized",
"status": 401,
"detail": "The access token is expired.",
"instance": "/v1/certificates"
}References
Machine-readable: /common/unauthorized.json