401 Response

Make sure you’ve set the Authorization header to Token token=<secret>, where <secret> is the API authentication token you’ve set in your docker-compose.yml file with the API_AUTH_TOKEN environment variable.


The Server API should only be accessed from your backend servers and not by the clients. Giving the API authentication token to clients is a security concern. More information about how PSPDFKit Document Engine is secured can be found in the PSPDFKit security guide.