AI makes mistakes! Undisk makes recovery instant: every write is versioned, every file is reversible.
See it heal →
Use this runbook when requests fail with auth or scope errors.

Checklist

  • Confirm bearer format for Authorization headers.
  • Verify header casing and interpolation behavior in your client.
  • Validate that environment variables are loaded in the process that issues MCP requests.
  • Confirm API key/workspace pairing aligns with the target operation.

Typical 401 response

{
  "error": "unauthorized",
  "message": "Authentication required"
}

Header shape: correct vs broken

# Correct
Authorization: Bearer sk_live_abc123...

# Broken (missing "Bearer ")
Authorization: sk_live_abc123...

Patterns that often fail

  • Mixing static and prompted secrets in the same config file.
  • Copying examples with unresolved placeholders into production configs.
  • Assuming WebSocket clients support custom headers during upgrade.

Client env-var checks

  • Cursor: open MCP logs pane and confirm UNDISK_API_KEY is interpolated.
  • Claude Desktop: verify generated stdio command resolves env vars in your shell profile.
  • VS Code: confirm prompt-backed secret was saved for the active profile.