What it means
The MCP server could not identify the caller. Either theAuthorization: Bearer ... header was missing, or the token was rejected by Passport (revoked, malformed, or issued for a different audience). The Passport middleware normally raises this before a tool handler runs, but a handler may throw it when a wrapped partner API demands a fresh bearer of its own.
How to fix
- Re-run the OAuth flow from your client (Claude Desktop, ChatGPT, Cursor) to obtain a fresh access token.
- Confirm the
Authorization: Bearer <token>header is on the request. - If the token was recently revoked from the Aeris dashboard, the user must reconnect.
Response envelope
details is empty for this code.
Related
AUTH_EXPIRED— same 401 status, but the token was previously valid.SCOPE_INSUFFICIENT— the token authenticates, but is missing a scope.