HomeUser GuidesAPI Reference
Get Started
HomeAPI Reference
Authentication
Branches
Contact Groups
Contacts
Conversations
Error HandlingInvoices
Messages
Orders
Rate LimitingSDKs & Code ExamplesTemplatesTicketsAPI VersioningWABA NumbersWebhooks
User GuideAPI ReferenceBest PracticesCommon Authentication Errors

Common Authentication Errors

Troubleshooting authentication errors

Reading time: 1 minute

Common Authentication Errors

401 Unauthorized

Cause: Invalid or missing signature

Solutions:

  • Verify HMAC calculation is correct
  • Ensure you're using the correct hmacSecret
  • Verify the string to sign is correct
  • Check the order of elements in stringToSign
Correct vs Incorrectjavascript
// āœ… Correct
const stringToSign = `${method}${path}${queryString}${timestamp}${body}`;

// āŒ Wrong - incorrect order
const stringToSign = `${path}${method}${timestamp}${body}`;

403 Forbidden

Cause: Timestamp is too old

Solutions:

  • Use a recent timestamp
  • Ensure server clock is synchronized
  • Don't use cached timestamps

Warning: If your server clock is not synchronized, you may encounter this error even with new timestamps.

400 Bad Request

Cause: Missing or invalid headers

Solutions:

  • Ensure all required headers are present
  • Verify header values
  • Check header format is correct

Related

ā† Back to Authentication
View Guide
View