Skip to content
AnglinAI Docs

ERR_AI_AUTH_INVALID — AI Authentication Invalid

HTTP Status: 502 Retryable: No Automatic retry: None. Authentication errors are permanent and not retried.

What the User Sees

AI service authentication failed. The API key may be invalid or expired. (ERR_AI_AUTH_INVALID)

What Causes This Error

The ANTHROPIC_API_KEY, GEMINI_API_KEY, or other AI provider key stored as a Cloudflare Worker secret is invalid, expired, or was rotated without updating the secret. This is one of the most common operational errors and has historically caused extended outages when keys are rotated upstream but the Worker secret is not updated.

For Anthropic specifically, the validateAnthropicKey() pre-flight check in routes/convert.ts catches this before conversion starts. The pre-flight makes a lightweight count_tokens API call to verify the key is actually valid, returning a clear 401 error to the frontend immediately rather than failing mid-conversion.

For Gemini and OpenAI, there is no pre-flight validation. The error surfaces during the first actual API call in the conversion pipeline. This means the user may wait longer before seeing the error, and partial work may have been done.

Key rotation is the most common trigger. When Anthropic or Google rotate keys or revoke old ones, the Worker secret becomes stale. This can also happen if a billing issue causes the provider to disable the key.

Resolution Steps

For Users

  1. This error indicates a server configuration issue, not a problem with your document or account.
  2. There is nothing you can do to fix this on your end.
  3. Try again later — the operations team may already be aware of the issue.
  4. If the error persists for more than 30 minutes, contact support.

For Administrators

  1. Identify which AI provider key is invalid by checking the structured logs in Grafana. The error log entry will include the provider name.
  2. For Anthropic, update the secret:
    Terminal window
    cd workers/api && echo "NEW_KEY" | npx wrangler secret put ANTHROPIC_API_KEY --env production
  3. Verify the new key works with a direct API test:
    Terminal window
    curl -H "x-api-key: $KEY" \
         -H "anthropic-version: 2023-06-01" \
         -H "content-type: application/json" \
         https://api.anthropic.com/v1/messages/count_tokens \
         -d '{"model":"claude-haiku-4-5-20251001","messages":[{"role":"user","content":"test"}]}'
  4. For Gemini, update: echo "NEW_KEY" | npx wrangler secret put GEMINI_API_KEY --env production
  5. After updating, trigger a test conversion to confirm the fix.
  6. Check the Anthropic console at https://console.anthropic.com to verify key status and permissions.