Why do I get the "401: Unauthorized"?

401 Unauthorized

If you receive the HTTP 401 Unauthorized error response: 

{
"status":401,

"errorCode":"000",

"message":"HTTP Status Response - Unauthorized",

"errorType":"security"
}
 it means there’s something incorrect in your API authentication or you are missing API PCI role. 

If you are using a plugin, this typically means you need to review your API authentication  plugin settings within Adobe Commerce, Hybris (SAP), SFCC, Shopify,  Netsuite or you are missing API PCI role.

To further troubleshoot this issue, please verify the following

  • Your merchant account name is correct.
    Ensure you input your merchant account name and not the company account name in your plugin settings on in your API request of you are not using a plugin. Keep in mind this input is case sensitive (recognized the difference between capital and lower-case letters). 
  • The web service user is correct.
    Check this in the Customer Area > Developers > API credentials.
  • The API key for live and test are correct.
    API keys are valid within the environment they are generated on, which meansyou can’t use your test API key on your live environment and vice versa. Check if this is correct by looking at the API key for your web service user in the Customer Area > Authentication > API Key and compare the end values in the Customer Area and your Plugin or your integration.
  • The API PCI role. This is typically only needed for certain Plugins and third party integrations. To enable this role you must be PCI compliant.
  • Check the Allowed IP range configured on the API credential of your web service user.

Let's practice

Learn more on this topic and practice what you’ve learned.

Go to your Customer Area
The illustration of support agent wearing a headset.

Do you need additional help?

Contact our support team

Send us the details of your issue by adding images or screenshots.

Submit a request