20 result(s) for "Unauthorized"
Your Base44 app's admin panel, dashboard, or management pages are accessible to anyone who knows or guesses the URL. There is no login requirement, no role c...
Your app makes calls to an API (its own backend, Supabase, or a third-party service) and those calls fail. You see errors in the console like 500, 403, 404, ...
Claude Code generated code with API keys, database passwords, or other secrets hardcoded directly in source files. These credentials are now committed to you...
Your Lovable app has API keys, database credentials, or other secrets visible in the browser's source code or network requests. Anyone who views your site ca...
API requests generated by Cursor are missing required headers, causing requests to fail with 400 or 401 errors. The server requires specific headers like Aut...
User logs in successfully but gets redirected to login page again. Auth state is lost after clicking a link or navigating. Session appears to end prematurely...
Security middleware is not executing after Cascade refactored the filter chain configuration. CORS is broken, authentication is bypassed, or request logging ...
Expert cannot create GitHub forks for fix requests after Cascade modified the GitHub OAuth integration. The fork operation fails with 'permission denied' eve...
Your Bolt.new application is bundling sensitive environment variables into the client-side JavaScript code. Anyone who opens browser DevTools can see your AP...
After Cursor reorganized middleware in your Express app, authentication checks run after route handlers, causing protected routes to execute without validati...
Your app fails to authenticate with GitHub API using stored tokens. The token is rejected as invalid, expired, or lacking required scopes. GitHub tokens have...
Users experience sudden logout after being idle or when making requests. API calls start failing with 401 Unauthorized. The JWT token has expired but the app...
Your v0-generated API routes accept JWT tokens but do not properly validate them before granting access to protected resources. The token signature is not ve...
API requests fail with JWT verification errors even though the token appears valid. Tokens work initially but fail after some time or across different server...
Users try to log in or create an account but nothing happens, they get an error, or they're stuck in a loop. This is one of the most common issues with AI-ge...
Your OAuth2 provider (Google, GitHub, Facebook) authentication fails immediately with cryptic errors. The login redirect works but authorization fails. Commo...
After using Cursor's AI to refactor authentication code, OAuth token refresh requests return 401 Unauthorized errors. The application was previously handling...
Something is very wrong with your app. Maybe you're seeing content you didn't create, users are reporting strange activity, your database has been wiped, or ...
Spring Actuator endpoints (/actuator/metrics, /actuator/health) return 401 Unauthorized. Metrics and health checks are blocked. Security configuration restri...
You've configured a third-party API integration in your Base44 app (such as connecting to Stripe, SendGrid, Airtable, or a custom REST API), but the integrat...