A failure in the Authentication process will give an HTTP 401 Unauthorized message. There are three possible reasons for this error:
- Invalid Application Key. Check your Application Key in the Client Portal and/or generate a new Application Key.
- Invalid Request Signature. Double check your Shared Secret and ensure your query is sorted alphabetically.
- Not Allowed. You could be using the wrong API URL (check with your provider for the proper URL for API requests).
Responses will include an X-Application-Error-Description header for a more precise error description. An Authentication Challenge Header with the Authentication Algorithm (such as WWW-Authenticate: PNCP) used will also be included.