# Authentication Failed

Authentication failed because the token is missing, invalid, or expired. The API cannot verify the identity of the caller.

**HTTP Status:** `401 Unauthorized`

## Error Codes

| Code | Description |
|  --- | --- |
| `missing_token` | No `Authorization` header provided |
| `invalid_token` | The token is not recognized or was revoked |
| `token_expired` | The token has expired -- obtain a new one via `/auth/token` |


## Example Response


```json
{
  "type": "https://api.dinie.com.br/errors/token_expired",
  "title": "Unauthorized",
  "status": 401,
  "detail": "The access token has expired. Please request a new token.",
  "code": "token_expired"
}
```

## How to Resolve

- **`missing_token`** -- Include the `Authorization: Bearer <token>` header in every request.
- **`invalid_token`** -- Verify you are using the correct token. If the credential was revoked, create a new one via `/auth/credentials`.
- **`token_expired`** -- Tokens expire after 1 hour. Request a new token from `POST /auth/token` and cache it until expiry. See [Authentication](/apis/concepts/authentication) for token refresh patterns.


## See Also

- [Authentication guide](/apis/concepts/authentication) -- Token management and refresh
- [Error Handling guide](/apis/concepts/errors) -- Full error handling patterns and code examples