# OpenAI API 401: Invalid API Key

TL;DR: OpenAI API 401 is an authentication failure. The request reached OpenAI, but the Authorization header did not prove access.

Target query: OpenAI API 401 invalid key
Likely fault area: your key or account
Run diagnosis: https://llmping.app/#diagnose

## What this error means

OpenAI API 401 means the API key is missing, malformed, revoked, or not valid for the project you are calling from.

## Is it code, key, rate limit, or server-side?

Category: auth
Likely fault area: your key or account

## Immediate checklist

- Confirm the Authorization header is exactly Bearer followed by the key.
- Check for invisible whitespace, quotes copied into environment variables, or a missing env var in production.
- Verify the key was created in the same OpenAI project your code is using.
- Rotate the key if it was exposed in logs, browser code, or a public repository.

## cURL test command

```bash
curl https://api.openai.com/v1/models \
  -H "Authorization: Bearer $OPENAI_API_KEY"
```

## Common fixes

- Print whether the environment variable exists, not the key value.
- Use server-side calls only. Do not put OpenAI API keys in frontend bundles.
- Regenerate the key if the old key was deleted or revoked.
- Check deployment environment variables separately from local .env files.

## Related errors

- https://llmping.app/errors/openai/403/
- https://llmping.app/errors/openai/429/
- https://llmping.app/status/openai/