SAP Knowledge Base Article - Public

3743765 - 401 Unauthorized Error When Accessing REST API Endpoints in SAP Analytics Cloud (SAC)

Symptom

401 Unauthorized Error When Accessing REST API Endpoints in SAC

Environment

SAP ANALYTICS CLOUD 2026.2.10 

Reproducing the Issue

  1. Copy a REST API endpoint path (for example, /api/v1/Scim2/Users).
  2. Paste the endpoint into a web browser and open it.

Notice : The request returns 401 (Unauthorized).

Cause

  • The tenant is routed via the API Proxy. The API Proxy does not have session management and relies on token‑based (OAuth) authentication, so browser calls without an OAuth Bearer token return 401.  
  • For tenants that use only the Public API (not routed via the API Proxy), browser calls may be allowed; however, this does not apply to API Proxy–routed tenants.  

Resolution

  1. Avoid calling REST API endpoints directly in a browser, as session-based access is not supported via the API Proxy.  
  2. Configure and use an OAuth client for the tenant to access the SAC Public APIs.  
  3. Obtain an OAuth access token from the configured OAuth client using the appropriate flow and include it in the Authorization header: Authorization: Bearer .  
  4. Run the API request with a REST client (for example, curl or Postman) including the Bearer token to the required endpoint (for example, /api/v1/filerepository/...).  
  5. If 401 persists, verify the OAuth client configuration (redirect URIs, grant type, scopes/permissions) and ensure that the token is valid and unexpired.  

See Also

Keywords

SAC API error, unauthorized access, API token issue, OAuth authentication, bearer token failure, SAC tenant issue, API proxy routing, REST client error, filerepository endpoint, SAC public API, session management error, access token validation, authorization header issue , KBA , LOD-ANA-ADM , SAC Administration , Problem

Product

SAP Analytics Cloud 1.0