OriginChain docs
examples · errors · 6 / 19

6. 401 - missing Authorization header

← Errors examples
what this error means

No Authorization header was sent at all. The router rejects unauthenticated traffic before any handler runs. Every API call requires Authorization: Bearer <token>.

what triggers it

A request that omits the Authorization header entirely.

POST /v1/tenants/:t/sql - no auth header 
curl -X POST "https://$OC_HOST/v1/tenants/$OC_TENANT/sql" \
  -H "Content-Type: application/json" \
  -d '{"sql": "SELECT 1"}'
the canonical response body
{
  "error": "unauthorized",
  "message": "missing Authorization header",
  "retry": false
}
how to recover
  • Add -H "Authorization: Bearer $OC_TOKEN" to the request.
  • Issue a token in the dashboard (/app/tokens) if you don't have one yet.
  • If you're using one of the SDKs, set OC_TOKEN in the environment - the clients pick it up automatically.
  • retry: false - the call needs a header, not a backoff.
common upstream causes
  • Token env var unset in CI - the script silently sent an empty value, which the proxy stripped.
  • A reverse proxy or sidecar dropping the Authorization header on forward (very common with overly-strict CORS proxies).
  • Calling through a CDN cache that wasn't configured to forward auth headers.
  • Pasted cURL from a docs page that didn't include the auth line.
  • Frontend code that forgot to attach the token to fetch options.