Introduction
Authentication key errors prevent events from being processed by ServerTrack. This guide explains common authentication key errors, their causes, and how to resolve them quickly.
Common Error: "Invalid Authentication Key" or "401 Unauthorized" errors usually mean the key in your tracking script doesn't match the key in your ServerTrack dashboard.
Common Authentication Key Errors
1. "Invalid Authentication Key" Error
Symptoms: Events fail with "Invalid Authentication Key" or "Invalid Key" message in logs.
Causes:
- Authentication Key is incorrect or misspelled in tracking script
- Key was regenerated but script wasn't updated
- Extra spaces or characters in the key
- Key belongs to a different Server Deck
- Key was copied incorrectly (missing or extra characters)
2. "401 Unauthorized" Error
Symptoms: HTTP 401 status code, events rejected by ServerTrack API.
Causes:
- Authentication Key is missing from request
- Key is invalid or expired
- Key format is incorrect
3. Missing Authentication Key
Symptoms: Events fail or script doesn't load, no key parameter in request.
Causes:
- Key parameter missing from script URL
- Script was modified incorrectly
- Key was accidentally deleted from script
Checking Your Authentication Key
To verify your Authentication Key is correct:
Step 1: Get Key from Dashboard
- Log in to your ServerTrack dashboard
- Select your Server Deck
- Go to Edit Configuration section or Overview
- Copy the Authentication Key displayed (click copy button or manually select)
Step 2: Compare with Your Script
- View your website's source code (Right-click → View Page Source)
- Search for "tracker.js" or "datalayer.js" in the source
- Find the script tag with your ServerTrack script
- Locate the
key=parameter in the script URL - Compare the key value with the key from your dashboard
- They must match exactly (case-sensitive)
Step 3: Verify Key Format
Authentication Keys should:
- Be 40 characters long
- Contain only uppercase letters and numbers (A-Z, 0-9)
- Have no spaces or special characters
- Start with letters (typically)
Fixing Authentication Key Errors
Fix 1: Update Script with Correct Key
- Get the correct Authentication Key from your ServerTrack dashboard
- Copy the complete tracking script from the Installation section
- Replace the old script on your website with the new one
- Ensure the entire script is replaced (not just the key portion)
- Save changes
- Clear browser cache and test
Fix 2: Handle Regenerated Key
If you regenerated your Authentication Key:
- Get the new Authentication Key from Settings → Authentication
- Update your tracking script with the new key
- Update the script on all websites using ServerTrack
- Test by triggering an event and checking Event Logs
Important: After regenerating your key, you MUST update your tracking script immediately. Events sent with the old key will be rejected.
Fix 3: Add Missing Key
If the key is missing from your script:
- Get your Authentication Key from the dashboard
- Re-copy the complete script from Installation section
- Replace your current script entirely (don't try to add just the key)
- Ensure script includes the
key=parameter
Preventing Authentication Key Errors
Always Copy Complete Script
- Copy the entire script from Installation section
- Don't manually type or modify the key
- Use the copy button provided in dashboard
Update After Regeneration
- If you regenerate your key, update scripts immediately
- Set reminders or document where scripts are installed
- Test after updating to ensure events work
Verify Installation
- Check browser console for JavaScript errors
- Verify script loads in Network tab
- Test with a simple event and check Event Logs
When to Regenerate Your Key
Regenerate your Authentication Key if:
- You suspect it has been compromised or exposed
- You've shared it publicly by mistake
- You want to rotate keys for security best practices
- You're experiencing unauthorized usage
How to Regenerate
- Log in to ServerTrack dashboard
- Select your Server Deck
- Go to Settings
- Find "Authentication Key" section
- Click "Regenerate Key"
- Confirm the regeneration
- A new key will be generated immediately
- Update your tracking script with the new key
Security Best Practices
- Keep Key Secret: Never share your Authentication Key publicly
- Don't Commit to Git: Don't commit keys to public repositories
- Use Environment Variables: For server-side usage, store keys in environment variables
- Monitor Usage: Regularly check Event Logs for unexpected activity
- Regenerate Regularly: Consider regenerating keys periodically (every 6-12 months)
Testing After Fix
After fixing authentication key errors:
- Clear your browser cache
- Visit your website
- Open Developer Tools → Network tab
- Verify script loads successfully (status 200)
- Trigger a test event (e.g., page view)
- Check ServerTrack Event Logs - event should show "success" or "pending" (not "blocked")
- Verify no authentication errors appear
Troubleshooting Checklist
- ✔ Authentication Key matches exactly between dashboard and script
- ✔ Key has no extra spaces or characters
- ✔ Script includes the key parameter in the URL
- ✔ Key hasn't been regenerated without updating script
- ✔ Script is placed correctly in <head> tag
- ✔ Browser cache is cleared
- ✔ No JavaScript errors in browser console
- ✔ Script loads successfully (check Network tab)
Summary
Authentication key errors are usually resolved by:
- Verifying the key in your script matches the dashboard exactly
- Updating your script with the correct key
- Ensuring key hasn't been regenerated without updating script
- Checking for typos, extra spaces, or missing characters
- Clearing browser cache and testing again
Always copy the complete script from your dashboard rather than manually typing the key. This prevents most authentication errors.
For more information, see our Understanding Your Authentication Key guide.