# 20151: Authentication Failed

Log Type: TWILIO

Log Level: ERROR

## Description

This error indicates that authentication with the provided `JWT` failed when Twilio attempted to validate the token for an API/SDK request. It is listed in Twilio's Error and Warning Dictionary as Authentication Failed under API errors. Twilio Access Tokens are `JWT`s used to authenticate client-side SDKs, and incorrect or invalid tokens will fail authentication.

### Possible causes

* Invalid `JWT` header.
* Invalid `iss` or `sub` values in the token.
* Invalid claim set in the token payload.
* Token time-related issues, such as expiration set in the future, expired or invalid expiration, or expiration exceeding the maximum allowed lifetime.

### Possible solutions

* Re-generate the Access Token on your server using the correct API Key SID and secret, and ensure the token header and payload are properly formed: `typ` must be `JWT`, `alg` must be `HS256`, and `cty` must be `twilio-fpa;v=1`; include required claims like `iss` (API Key SID), `sub` (Account SID), `iat`, and appropriate `grants`.
* Verify token lifetime settings: set `exp` within the permitted window (tokens are short‑lived and have a maximum age of 24 hours) and avoid setting `nbf` in the future relative to the server time. If needed, reissue a fresh token.
* Use the Twilio Console Debugger and error logs to inspect the specific event and any accompanying, more granular token error codes to pinpoint the underlying cause.

#### Additional resources

* [Access Tokens](/docs/iam/access-tokens)
* [Debugging Your Twilio Application](/docs/usage/troubleshooting/debugging-your-application)