Skip to main content

Source: ocean/docs/troubleshooting-401-errors.md | ✏️ Edit on GitHub

Troubleshooting 401 Unauthorized Errors

This guide helps you resolve 401 (Unauthorized) errors that may appear in the browser console.

PostHog 401 Errors

Symptoms

  • Console errors showing POST https://us.i.posthog.com/flags/?v=2... 401 (Unauthorized)
  • PostHog analytics not working

Causes

  1. Missing PostHog API key in environment variables
  2. Invalid or expired PostHog API key
  3. Incorrect PostHog project configuration

Solutions

  1. Check if PostHog API key is set:

    # Check your .env file
    cat .env | grep VITE_POSTHOG_API_KEY

  2. Verify the API key format:

    • PostHog API keys should start with phc_
    • Example: phc_1234567890abcdef...

  3. Set the correct environment variables:

    # .env or .env.local
    VITE_POSTHOG_API_KEY=phc_your_actual_api_key_here
    VITE_POSTHOG_HOST=https://us.posthog.com
    VITE_POSTHOG_PROJECT_ID=your_project_id

  4. Get your PostHog API key:

    • Log in to PostHog
    • Go to Project Settings → API Keys
    • Copy the Project API Key (not Personal API Key)

  5. For local development without PostHog:

    • The app will now gracefully handle missing PostHog configuration
    • You'll see an info message in dev mode: "PostHog disabled: No API key provided"

GraphQL 401 Errors

Symptoms

  • Console errors showing POST https://fldiayolmgphysdwgsuk.supabase.co/functions/v1/graphql-v2 401 (Unauthorized)
  • Data not loading in the application
  • "Authentication failed" error messages

Causes

  1. Expired JWT access token
  2. Missing authentication token
  3. Invalid Supabase session
  4. Edge function authentication issues

Solutions

  1. Force a session refresh:

    // In browser console
    localStorage.clear()
    sessionStorage.clear()
    location.reload()

  2. Check if you're properly logged in:

    • Sign out and sign back in
    • This will generate a fresh access token

  3. Verify Supabase configuration:

    # Required environment variables
    VITE_SUPABASE_URL=https://your-project.supabase.co
    VITE_SUPABASE_ANON_KEY=your_anon_key_here

  4. Check JWT token expiration:

    // In browser console, check your current session
    const session = JSON.parse(localStorage.getItem('sb-fldiayolmgphysdwgsuk-auth-token'))
    console.log('Access token:', session?.access_token)
    console.log('Expires at:', new Date(session?.expires_at * 1000))

  5. For persistent issues:

    • Clear all browser data for the site
    • Check if Supabase Edge Functions are properly deployed
    • Verify Row Level Security (RLS) policies in Supabase

Prevention

The codebase now includes improved error handling:

  1. PostHog errors are suppressed when no API key is provided
  2. GraphQL 401 errors show user-friendly messages
  3. Automatic retry logic for temporary network issues
  4. Better error boundaries to prevent app crashes

Development Tips

  1. Running without PostHog:

    • Simply don't set VITE_POSTHOG_API_KEY
    • The app will run normally without analytics

  2. Testing authentication:

    • Use the browser's Network tab to inspect GraphQL requests
    • Check the Authorization header is present
    • Verify the JWT token format: Bearer eyJ...

  3. Debugging GraphQL errors:

    • Enable GraphQL client debug mode in development
    • Check Supabase Edge Function logs
    • Verify CORS settings for your domain

Getting Help

If you continue to experience issues:

  1. Check the Supabase Status Page
  2. Review PostHog Status
  3. Check GitHub Issues for similar problems
  4. Contact support with:
    • Browser console logs
    • Network tab screenshots
    • Environment configuration (without secrets)