API errors
Unauthorized
The request did not carry a valid API key, so it was rejected before doing any work.
- Error type
https://normbill.com/docs/errors/unauthorized- HTTP status
- 401
Common causes
- The Authorization header is missing or not in the form "Bearer sk_live_…" / "Bearer sk_test_…".
- The key is malformed (typo, truncated, or wrapped in quotes/whitespace).
- The key is unknown or has been revoked in the dashboard.
How to fix it
- Send the key exactly as "Authorization: Bearer sk_live_…". The full key is shown once at creation.
- Create or rotate keys in the dashboard; a revoked key cannot be re-enabled.
- Check you are using the right mode: sk_test_ keys for testing, sk_live_ keys for production.
The error response format
Every non-2xx response from the API is an RFC 9457 problem-details body (application/problem+json) with at least type, title, status and detail. The type URL links back to this reference.
All error slugs: invalid-request, bad-request, payload-too-large, unauthorized, validation-failed, unparseable-document, plan-limit, quota-exceeded, rate-limited, overage-cap-reached, validate-fair-use, idempotency-key-invalid, idempotency-key-reuse, idempotency-conflict, pdf-unavailable, validator-unavailable, not-ready. Still stuck? Email support@normbill.com or start at the docs overview.