Issue Description:
When users send a POST request to the Conversational AI Agent Join API, the response returns a 401 Authorization required error. This occurs even though the request includes an Authorization header generated from AI Studio.
Platform/SDK:
RESTful API – Conversational AI Agent (API endpoint https://api.sd-rtn.com/cn/api/conversational-ai-agent/v2/)
Error Message:
401
{"message": "Authorization required"}
Solution and Root Cause:
This issue is caused by the API request being automatically redirected (HTTP 308) to an upstream IP address due to an extra slash at the end of the request path.
When the URL ends with a slash /, for example:
https://api.sd-rtn.com/cn/api/conversational-ai-agent/v2/projects/<appid>/join/the server redirects the request to another endpoint (e.g., an IP-based address). During this redirect, the authorization information is not passed along, resulting in a 401 error indicating the request is unauthorized.
The root cause was linked to an update in the gateway’s authentication mechanism, which enforces stricter token validation and does not automatically reattach credentials during redirects.
To resolve the issue:
-
Remove the trailing slash (
/) from the request URL.
❌ Incorrect:https://api.sd-rtn.com/cn/api/conversational-ai-agent/v2/projects/<appid>/join/
✅ Correct:https://api.sd-rtn.com/cn/api/conversational-ai-agent/v2/projects/<appid>/join - Regenerate the request URL if it was created by AI Studio. The tool may need to update its configuration to use the correct URL format.
- Ensure you are sending the request through the standard openapi entry point, which automatically includes proper authorization headers.
- Retry the request after correction; it should complete successfully without returning a 401 error.
Root Cause:
The error occurred because the extra slash in the request URL caused a redirect that stripped the authorization header. The updated authentication mechanism does not preserve credentials across redirects.
Prevention/Best Practice:
Always verify that API requests do not include an unintended trailing slash and confirm that the endpoints are requested through the official openapi gateway to ensure authorization headers are properly attached.
Corresponding Document/Link:
- Conversational AI Product Console