401 Response
Make sure you’ve set the Authorization
header to Token token=<secret>
, where <secret>
is the API authentication token you’ve set in your docker-compose.yml
file with the API_AUTH_TOKEN
environment variable.
The Server API should only be accessed from your backend servers and not by the clients. Giving the API authentication token to clients is a security concern. More information about how Document Engine is secured can be found in the PSPDFKit security guide.