Skip to main content
You received 401 Unauthorized with a message like Could not validate credentials or Not authenticated.

The problem

The Dollr API did not accept the Authorization header on your request. Common causes:
  • No Authorization: Bearer <token> header
  • Token expired (expires_in is in minutes)
  • Typo in the token string or extra whitespace
  • Using test credentials against live endpoints (or vice versa)

How to identify

  1. Confirm the failing request includes Authorization: Bearer ...
  2. Check when you last called POST /v1/jwt/client/obtain/token
  3. Compare expires_in from that response with the current time

Solution

1

Obtain a fresh token

curl -X POST "https://api.heydollr.app/v1/jwt/client/obtain/token" \
  -H "Content-Type: application/json" \
  -d '{"client_id": "YOUR_CLIENT_ID", "client_secret": "YOUR_CLIENT_SECRET"}'
See Authentication and API Reference.
2

Refresh proactively

Request a new token when fewer than 5 minutes remain — do not wait for the first 401 in production traffic.
3

Retry the original request once

Replace the header and retry. If it still fails, verify Client ID/secret in the merchant portal.

Still having issues?

  • Rotate API keys if the secret may have leaked
  • Email dev@heydollr.app with timestamp (UTC) and redacted headers
Last modified on May 22, 2026