Expand my Community achievements bar.

401: request is invalid, reason: failed authorization. Please verify your token and organization id


Community Advisor

Following up with related reported issue around 401 erorr. 

I have observed that i cannot use Analytics/target api with "require-adobe-auth" : true. 

It all works well when i set it to false

Find below the error i get when i set to true. 

Could somebody help out before i push this app live? does not make sense to have it set to false in production. 





aio and node version tried 

  • @adobe/aio-cli/8.1.0 darwin-x64 node-v16.2.0
  • @adobe/aio-cli/8.1.0 darwin-x64 node-v14.17.0

ext.config.yml when i get that error

            LOG_LEVEL: debug
            companyId: $ANALYTICS_COMPANY_ID
            apiKey: $SERVICE_API_KEY
            require-adobe-auth: true
            final: true




Topics help categorize Community content and increase your ability to discover relevant content.

4 Replies



Would you mind posting or sending me the code for that action so we can look at it closer?



BTW saw this note in the auth section of the product documentation




The validator action enabled by require-adobe-auth: true annotation requires the provided IMS access token to have the read_organizations scope. While it is always the case for user tokens used in SPAs, the JWT access tokens used in headless applicationss may not have this scope. This will be the case if it is generated to integrate with the following services:

  • Adobe Analytics
  • Adobe Campaign Standard
  • No API Service enabled


So check your .env file for a line like this and add read_organizations scope to it




That does not seem like the fix though.  Now that I think about it more and look at the error closer.


Is the caller of that action a part of your org and are they passing AUTH header with the request to make that call?


Community Advisor

@dr_venture Thank you for getting back, have been scratching head over this for a while now! 

  • add the organisation scope and did not really help same issue. 
  • Yes the caller of the action from the UI (logged in as admin) is passing the auth header with the request. Will send you the code for reference.