Authentication Errors

Solutions for API authentication errors in API Mapper

Authentication Errors

"401 Unauthorized"

Symptoms: API returns a 401 status code.

Meaning: Your credentials are missing or invalid.

Solutions:

  1. Verify your API key/credentials

    • Copy the key directly from your API provider dashboard
    • Check for leading/trailing spaces
    • Ensure the key hasn't expired

  2. Check the authentication type

    • Confirm you're using the correct auth method (API Key, Bearer, Basic)
    • Some APIs require the key in a header, others in query parameters

  3. Verify header/parameter name

    • Common header names: Authorization, X-API-Key, api-key
    • Check the API documentation for the exact name

Common mistakes:

WrongCorrect
Bearer: TOKENBearer TOKEN (no colon)
APIKey abc123Bearer abc123 or just abc123
Key in header when API expects query paramMatch what API expects

"403 Forbidden"

Symptoms: API returns a 403 status code.

Meaning: You're authenticated but not authorized for this resource.

Possible causes:

  • API key doesn't have required permissions
  • Resource requires a higher subscription tier
  • IP restrictions
  • Rate limit exceeded

Solutions:

  1. Check API key permissions

    • Many APIs have read/write permission levels
    • Ensure your key has "read" permission at minimum

  2. Verify your API subscription

    • Some endpoints require paid plans
    • Check your API provider account

  3. Check IP restrictions

    • Some APIs limit access to specific IPs
    • Whitelist your server's IP address

  4. Check rate limits

    • Some APIs return 403 when rate limited
    • Enable caching to reduce API calls

"Invalid API key" / "Consumer key is invalid"

Symptoms: API explicitly says the key is invalid.

Solutions:

  1. Regenerate the API key

    • Old keys may have been revoked
    • Create a new key in your API provider dashboard

  2. Check key format

    • Some APIs have multi-part keys (key + secret)
    • Ensure you're using all required parts

  3. Wait for key activation

    • Some APIs (like OpenWeatherMap) require 10-15 minutes for new keys to activate

For WooCommerce specifically:

  • Use Consumer Key as username
  • Use Consumer Secret as password
  • Ensure HTTPS is enabled (WooCommerce requires it for API auth)

"Token expired" / "JWT expired"

Symptoms: Bearer token authentication fails with expiration message.

Meaning: Your access token has expired.

Solutions:

  1. Generate a new token

    • Log into your API provider
    • Generate a fresh access token
    • Update the token in API Mapper

  2. Check token lifetime

    • Some tokens expire after hours, others after days
    • Note the expiration for future reference

  3. Consider using refresh tokens (if available)

    • Some APIs provide refresh tokens for automatic renewal
    • This may require custom implementation

"Basic Auth required"

Symptoms: API requires username and password authentication.

Solutions:

WordPress
  1. Go to Settings → API Mapper
  2. Edit your connection
  3. Set Authentication to Basic Auth
  4. Enter your Username and Password
  5. Save and test the connection

Note: Basic Auth credentials are sent with every request. Always use HTTPS to protect your credentials.

Was this page helpful?

Previous
Connection Errors
Next
Data Errors

On this page