OpenAI API 401 invalid key
OpenAI API 401: Invalid API Key
TL;DR: OpenAI API 401 is an authentication failure. The request reached OpenAI, but the Authorization header did not prove access.
What this error means
OpenAI API 401 means the API key is missing, malformed, revoked, or not valid for the project you are calling from.
auth your key or account
Is it code, key, rate limit, or server-side?
| Signal | Diagnosis |
|---|---|
| Provider | OpenAI |
| Error | 401 |
| Likely category | auth |
| Likely fault area | your key or account |
Immediate checklist
- Confirm the Authorization header is exactly Bearer followed by the key.
- Check for invisible whitespace, quotes copied into environment variables, or a missing env var in production.
- Verify the key was created in the same OpenAI project your code is using.
- Rotate the key if it was exposed in logs, browser code, or a public repository.
cURL test command
curl https://api.openai.com/v1/models \ -H "Authorization: Bearer $OPENAI_API_KEY"
Run this from your server or terminal. llmping does not collect API keys and does not send this command for you.
Common fixes
- Print whether the environment variable exists, not the key value.
- Use server-side calls only. Do not put OpenAI API keys in frontend bundles.
- Regenerate the key if the old key was deleted or revoked.
- Check deployment environment variables separately from local .env files.