Error: invalid_token
The token provided does not match any active credential.
invalid_token
invalid_tokenHTTP status: 401
The Authorization: Bearer value does not match any active credential in the system.
Why this happens
- The token was typed or copied incorrectly (extra space, truncated value, missing prefix).
- The token was revoked — either manually from the Dashboard or by support after a leak report.
- You are using a token from one environment (test) on a host configured for another.
- The token has been replaced by a rotation and the old value is no longer valid.
What to do
- Confirm the token starts with
isa_test_orisa_live_— tokens lacking the prefix are malformed. - Copy the token value fresh from your secrets manager; do not retype it.
- If you suspect the token was revoked, generate a replacement from the Dashboard at dashboard.isaapi.com → API Keys.
- If you believe the token is correct, email [email protected] with your
request_idand the last 6 characters of the token.
Example response
{
"type": "https://zyins.isaapi.com/errors/invalid-token",
"title": "Invalid token",
"status": 401,
"detail": "The bearer token provided does not match any active credential. Check for typos or generate a replacement from the Dashboard.",
"code": "invalid_token",
"param": null,
"request_id": "req_01HZK2N5GQR9T8X4B6FJW3Y1AS"
}SDK exceptions
| Language | Exception class |
|---|---|
| TypeScript | IsaInvalidTokenError |
| Python | IsaInvalidTokenError |
| Go | *zyins.InvalidTokenError |
| PHP | Isa\Sdk\Zyins\Exception\IsaInvalidTokenException |
| C# | IsaInvalidTokenException |
See also
Updated 2 days ago