NeuroAgent

My Class API Token Invalid: How to Fix 401 Authentication Error

Resolve My Class CRM API 401 authentication errors. Discover common causes of invalid API tokens and step-by-step solutions for successful authentication.

#api-401-error#api-token-moy-klass#authentication-error#crm-integration#moy-klass-crm#python-api#token-validation
Question

Why is a fresh and active API token for the CRM “My Class” perceived as invalid during authentication?

I’m trying to connect to the CRM “My Class” API using the following Python code:

python
import requests

headers = {
    "x-access-token": "<here's the active token from the website>"
}

response = requests.get("https://api.moyklass.com/v1/company/classes", headers=headers)
print(response.status_code)
print(response.text)

When executing the code, I get a 401 error with the message: {"code":"Unauthorized","message":"x-access-token is invalid"}. The token is fresh and active on the website, but the API doesn’t accept it. What could be the reason and how can I solve this problem?

NeuroAgent

Fresh and Active API Token for CRM “My Class” May Be Perceived as Invalid for Several Reasons

Despite appearing as valid in the system interface, a fresh and active API token for CRM “My Class” may be perceived as invalid for several reasons. The main issues are related to the token transmission format, its correctness, and compliance with API requirements.

Table of Contents

Main Reasons for 401 Error

A 401 error with the message “x-access-token is invalid” usually occurs for the following reasons:

  1. Incorrect header format - the token may require a “Bearer” prefix
  2. Spaces or special characters - there may be hidden characters in the token
  3. Incorrect token type - possibly using a different token type than expected by the API
  4. Limited token rights - the token may not have access to the requested resource
  5. Caching issues - previous invalid requests may have affected validation

Important: Even if the token appears active in the CRM interface, this doesn’t guarantee it’s correct for API work.

Token Verification and Formatting

Before using the token, you need to ensure its correctness:

  1. Copy the token without spaces - check that no extra characters were added when copying
  2. Check token length - a typical API token should contain a sufficient number of characters
  3. Ensure no quotes - there should be no extra quotes around the token in the code
python
# Incorrect format
headers = {
    "x-access-token": "\"<token>\""  # Extra quotes
}

# Correct format
headers = {
    "x-access-token": "<token>"  # Without extra characters
}

Access Rights Settings

The token must have appropriate rights to access the requested resource:

  1. Check token rights in the API settings of CRM “My Class”
  2. Ensure access to the /v1/company/classes method
  3. Check if the token is restricted by IP addresses or domains

If the token is IP-restricted, ensure requests are sent from an allowed IP address.

Technical Aspects of Authentication

Based on research of various CRM systems, common principles for working with tokens can be identified:

  1. X-Access-Token header - used in many CRM systems to transmit the token
  2. Request formatting - correctly specified Content-Type may be important
  3. Token validation - each system has its own validation rules

Many modern APIs require specifying content type even for GET-requests:

python
headers = {
    "x-access-token": "<token>",
    "Content-Type": "application/json"
}

Problem Solving

Step-by-step instructions for solving the problem:

1. Check token with a validator

Create a simple script to validate the token:

python
import requests

def validate_token(token):
    headers = {
        "x-access-token": token
    }
    try:
        response = requests.get("https://api.moyklass.com/v1/company/info", headers=headers)
        print(f"Status Code: {response.status_code}")
        print(f"Response: {response.text}")
        return response.status_code == 200
    except Exception as e:
        print(f"Error: {e}")
        return False

# Example usage
token = "your_token_here"
is_valid = validate_token(token)
print(f"Token is valid: {is_valid}")

2. Try different token formats

python
# Option 1: Without prefix
headers = {"x-access-token": "<token>"}

# Option 2: With Bearer prefix
headers = {"x-access-token": "Bearer <token>"}

# Option 3: With Token prefix
headers = {"x-access-token": "Token <token>"}

3. Check documentation

Ensure you’re using the current API version. Sometimes developers change authentication methods in new versions.

4. Contact support

If nothing helps, contact technical support for CRM “My Class” with information:

  • Error text
  • API version
  • Example code with token (without revealing the actual token)

Examples of Correct API Usage

Correct request example:

python
import requests

# Ensure the token is copied without extra characters
api_token = "your_real_token_here"

headers = {
    "x-access-token": api_token,
    "Content-Type": "application/json",
    "User-Agent": "MyApp/1.0"
}

try:
    response = requests.get(
        "https://api.moyklass.com/v1/company/classes",
        headers=headers,
        timeout=30
    )
    
    if response.status_code == 200:
        print("Successful request:")
        print(response.json())
    else:
        print(f"Error {response.status_code}:")
        print(response.text)
        
except requests.exceptions.RequestException as e:
    print(f"Request error: {e}")

Error handling:

python
def make_api_request(token, endpoint):
    headers = {
        "x-access-token": token,
        "Content-Type": "application/json"
    }
    
    try:
        response = requests.get(f"https://api.moyklass.com{endpoint}", headers=headers)
        
        if response.status_code == 401:
            print("Authentication error. Check the token.")
        elif response.status_code == 403:
            print("Access denied. Check token permissions.")
        elif response.status_code == 404:
            print("Resource not found. Check the URL.")
        else:
            response.raise_for_status()
            return response.json()
            
    except requests.exceptions.RequestException as e:
        print(f"Network error: {e}")
        return None

Sources

  1. CRM ‘My Class’ API - api.moyklass.com
  2. REST API Alpha CRM - authentication examples
  3. Authorization through REST API
  4. REST API authentication methods
  5. API authentication | Unified Identity Management

Conclusion

Main reasons why a fresh API token for CRM “My Class” may be invalid:

  1. Incorrect transmission format - check for extra characters and spaces
  2. Lack of necessary rights - ensure the token has access to requested methods
  3. API changes - check documentation currency and authentication methods
  4. Technical limitations - the token may be IP-restricted or require additional headers

To solve the problem, it’s recommended to:

  • Thoroughly check the token for hidden characters
  • Experiment with different token transmission formats
  • Contact technical support for CRM “My Class” to get current authentication information
  • Use code examples from official documentation

Remember that even an active interface token may require special handling when working with the API.

How to properly generate and get an API token for My Class CRM?What access rights need to be configured for the My Class API token?How to check the validity of a My Class API token before use?What headers need to be specified when working with My Class API in Python?What other errors can occur when working with My Class CRM API and how to fix them?How to restrict API token access by IP address in My Class CRM?
Ask NeuroAgent