I have created a Zerotier Network and an API token as well.
Testing the Service REST API on Postman is giving an 401 Error. I am trying to see a node status and addressing info using the API mentioned in the Documentation.
It would be great if anybody has used the APIs and could share the steps.
Attaching the snapshot of the error I am getting on Postman.
I think your API key settings are a little off.
You want to send a header named X-ZT1-Auth, with a value of just your API token. What you have above looks like it’s using the header name of Authorization (which is pretty standard, but not what the ZT API expects) and a value including the prefix token X-ZT1-Auth: which is going to get parsed (unsuccessfully) as your auth token.
(Side note: you probably want to obscure the value of your token when posting a screenshot like this. It’s not a complete secret, but it’s enough to narrow the search space for anyone who felt like compromising your account by a fair bit.)
Hello Lennon,
Thank you for the reply.
I have changed the API settings as you have mentioned. It is still giving the same 401 error.
If you use a plain HTTP header, rather than the Postman native “Auth” functionality, I think injecting your token should work:
The empty blocks for ‘address’ and the header value were removed on my end, but the value was populated with the contents of /Library/Application Support/ZeroTier/authtoken.secret (on my Mac)
Hello Lennon,
Thank you for the reply.
I have changed the authorization as suggested by you.
The headers section looks like this.
Body section is empty.
Is there any additional utility that I have to run??
Are you using the correct API token? You said you created one, and I assume you mean you created one via https://my.zerotier.com. If so, that is an API token for use against https://my.zerotier.com only.
See the Service API Documentation for instructions on where to find the API authorization token for use against the local service API.
Hello Grant,
Thank you for the reply.
Yes, I was using the token created at the site which is used for Central API.
For services API, I did find a authtoken.secret file in the path mentioned by you.
Since, I didn’t have access to it, I changed the permissions for that file and now the ZT desktop UI service is disapperaing in the windows tray icon.
Did uninstall everything and re-installed the ZT but this issue hasn’t been resolved.
Would appreciate you support on this.
Hello Grant,
I did install previous version of 1.6.5 which I was using earlier and it worked for me.
You should not need to change permissions to the authtoken.secret file. If you change it be be accessible to the account you’re logged in as but not the account running the service it absolutely can break.
I suspect you’ll be more successful accessing the secret via an admin terminal, which coincidentally is also a good way to access the zerotier-cli command for diagnosing and managing your network(s).
Downgrading to the 1.6 release series is definitely not something I’d recommend. There have been many, many improvements – including fixes for security and stability issues – that you’ll miss out on running a version from ~2021.
The permissions issue you’re encountering was in fact likely caused by one such fix; in some older versions of ZeroTier, any user on the machine could access and manipulate the ZT secrets used for that machine, even if it was a low-privilege account that should not have elevated network admin privileges.
Hello Lennon,
Thank you for suggesting to access the token via admin terminal. I could read the token value that way without changing the permissions.
Yes, I will be upgrading to the latest 1.10 version.
Thank you so much for your patience and guiding me. Really appreciate the support.
That’s great, and you’re welcome!
Thanks for sticking with it. 
This topic was automatically closed after 30 days. New replies are no longer allowed.
