​

unauthorized

​

Example response

{
  "error": {
    "code": "unauthorized",
    "message": "Invalid or missing API key",
    "docs_url": "https://docs.vatly.dev/errors/unauthorized"
  },
  "meta": {
    "request_id": "550e8400-e29b-41d4-a716-446655440000"
  }
}

​

What happened?

• No Authorization header is present
• The header format is wrong (not Bearer <key>)
• The API key doesn’t match any active key in the system
• The API key has been revoked or deactivated

​

How to fix

1. Add the Authorization header with the Bearer scheme:
   Copy

   Ask AI

   curl -H "Authorization: Bearer vtly_live_your_api_key" \
     "https://api.vatly.dev/v1/validate?vat_number=NL123456789B01"
   
2. Check your key — Make sure you’re using the complete key, including the vtly_live_ prefix
3. Generate a new key if you’ve lost your original — keys are stored as SHA-256 hashes and cannot be recovered

​

Common mistakes

• Missing Bearer prefix — Authorization: vtly_live_xxx won’t work, it must be Authorization: Bearer vtly_live_xxx
• Extra whitespace — Check for trailing spaces or newlines in your key
• Using a revoked key — If you’ve regenerated your key, the old one no longer works
• Environment mismatch — Make sure you’re using the right key for the right environment

​

Related errors

• rate_limit_exceeded — Key is valid but quota is used up