#✅ - 401 Unauthorized GraphQL query

New to Amplify, as I am switching over from using FaunaDB.
I set up my project with this tutorial: https://docs.amplify.aws/start/getting-started/data-model/q/integration/vue/

I had everything running smooth locally, and loving the GraphQL Playground environment you provide.
But I got side-tracked with work-stuff, so it's been 60+ days since I last worked on my personal project website.

And now when I run npm run dev ... I'm getting errors on all my queries;

{
  "errors" : [ {
    "errorType" : "UnauthorizedException",
    "message" : "You are not authorized to make this call."
  } ]
}```

When I go through the console to the GraphQL playground, I'm still able to run my queries and get back data, but no-go locally, or on the published dev domain.
I'm sure it's something easy that I need to do when my permissions run out, but I've yet to find this info.

Appreciate the hep!

Hi @quartz vapor it may be possible that the user you are signed into your app with does't have permissions to run the query. Ca you verify and try sign in with a user that has permissions? This can happen as there is an option. durig setup with the CLI (amplify init, amplify add auth etc) that will ask if you want to provide Guest access.

So as of now, I'm the only user. I'm still building the site out. There's definitely something about access going away, or maybe a token expiring after so many days of no use?

Im curious then if it is the API Key that may have expired?

Quite possibly. Is there a normal process in Amplify for updating that key?
I noticed that both in local dev mode, and also when hitting the amplify URL they give you ... neither one can hit the API because of access. But when I go through graphql playground, it's fine (I realize that's a different scenario).

Any thoughts on how to handle the two possibilities?

1. My API key has expired.
2. My API key is gone.

@quartz vapor sure thing:

1. If your api key is still there but expired, you can run amplify update api and go through the resetup the auth modes and regenerate the expiry to a future date
2. If the api key is deleted, its a bit more manual - you need to go to the cli-inputs.json/parameters.json files and set CreateApiKey to 0, then run amplify push which will remove the reference from amplify project, then reset it back to 1 and push again to create the api key.

I definitely did not delete anything. When you say "resetup the auth modes " ... what do you mean by that?
I currently have no @auth in my GraphQL schema.
But maybe you mean in a different area?

@quartz vapor do you at least have a globalAuthRule in the schema? If there are no auth rules, there’s no way to make an authorized request

“Re-Setup the auth modes” means run amplify update api > choose GraphQL > Authorization modes > select default > add any additional auth modes > amplify push

No global auth rule in my schema.

Would that explain why it works in Dev mode, but with the amplify.app address, the data briefly displays, then disappears?

don't think that explains it but I'd be curious to see your full schema to get a better sense of how it's expecting requests to be authorized for each model. Any auth rules on the models should be consistent between dev and prod, the global auth rule should not exist in prod because it would apply public access to every model which you probably don't want

✅ - 401 Unauthorized GraphQL query