> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tryaeris.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication required (AUTH_REQUIRED)

> The request had no bearer token, or the token was not accepted by Passport.

## What it means

The MCP server could not identify the caller. Either the `Authorization: Bearer ...` header was missing, or the token was rejected by Passport (revoked, malformed, or issued for a different audience). The Passport middleware normally raises this before a tool handler runs, but a handler may throw it when a wrapped partner API demands a fresh bearer of its own.

## How to fix

* Re-run the OAuth flow from your client (Claude Desktop, ChatGPT, Cursor) to obtain a fresh access token.
* Confirm the `Authorization: Bearer <token>` header is on the request.
* If the token was recently revoked from the Aeris dashboard, the user must reconnect.

## Response envelope

```json theme={"dark"}
{
  "ok": false,
  "error_envelope": {
    "code": "AUTH_REQUIRED",
    "message": "Authentication is required.",
    "docs_url": "https://tryaeris.ai/docs/mcp/errors/auth-required",
    "retryable": false,
    "retry_after_ms": null,
    "details": {}
  }
}
```

`details` is empty for this code.

## Related

* [`AUTH_EXPIRED`](/mcp/errors/auth-expired) — same 401 status, but the token was previously valid.
* [`SCOPE_INSUFFICIENT`](/mcp/errors/scope-insufficient) — the token authenticates, but is missing a scope.
