Based on the information provided in the knowledge sources, there could be several reasons why you're receiving an "Access credentials are invalid" error when trying to access the Ory API, even with a proper bearer token. Let's explore some possible causes and solutions: 1. Token Expiration: Your access token might have expired. OAuth2 access tokens typically have a limited lifespan. You may need to refresh your token or obtain a new one. 2. Incorrect Token Format: Ensure that you're using the correct format for the Authorization header. It should be:

Authorization: Bearer your_access_token_here

3. Rate Limiting: You might be hitting rate limits on the Ory Network. As mentioned in [this GitHub issue](https://github.com/ory/oathkeeper/issues/1167), exceeding rate limits on certain endpoints can lead to authentication failures. 4. Incorrect Audience: If you're using a custom domain, make sure the audience in your token matches the expected audience. As discussed in [this GitHub issue](https://github.com/ory/network/issues/299), using a custom domain as the audience instead of the canonical Ory domain can cause authentication failures. 5. Database Connection Issues: In some cases, backend issues like database connection problems can manifest as authentication errors. This is mentioned in [this GitHub issue](https://github.com/ory/hydra/issues/3671). To troubleshoot further: 1. Verify your token's validity and expiration using the introspection endpoint. You can use the Ory CLI for this:

ory introspect token --project your_project_id your_access_token

2. Double-check that you're using the correct project URL and endpoints. 3. If you're using a custom domain, ensure it's properly configured in your Ory Network settings. 4. If the problem persists, you may want to check the Ory Network status or contact Ory support for further assistance. Remember, without more specific details about your setup and the exact API you're trying to access, it's challenging to pinpoint the exact cause. If you continue to face issues, consider providing more context about your specific use case and configuration.

@chilly-king-10285 i am using this format : curl -X GET "https://YOUR_PROJECT_SLUG.projects.oryapis.com/admin/identities?page_size=100" ^ -H "Authorization: Bearer YOUR_API_KEY"

Based on the format you're using, it appears you're trying to access the Ory Network Admin API to list identities. However, there's a potential issue with your approach. Let me explain: 1. API Key vs. Access Token: You're using an API Key in the Authorization header, but you mentioned a bearer token in your previous question. These are different types of credentials used for different purposes. 2. Admin API Authentication: For the Admin API, which includes the

/admin/identities

endpoint, you should be using an API Key, not an access token. So, your current format is correct in this regard. According to the [Ory API Reference](https://www.ory.sh/docs/reference/api), the

/admin/identities

endpoint requires authentication using an API Key. Here's the correct format for your curl command, based on the [Ory documentation on API Keys](https://www.ory.sh/docs/concepts/personal-access-token):

curl -X GET "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/admin/identities?page_size=100>" \ -H "Authorization: Bearer ory_pat_YOUR_API_KEY"

Key points to note: 1. Ensure you're using an API Key (Personal Access Token) that starts with

ory_pat_

or

ory_apikey_

. 2. Replace

YOUR_PROJECT_SLUG

with your actual project slug. 3. Replace

YOUR_API_KEY

with your actual API Key. If you're still encountering issues, please check the following: 1. Verify that your API Key is valid and hasn't expired. You can create or manage API Keys in the [Ory Console](https://console.ory.sh/). 2. Ensure you have the necessary permissions to access the Admin API. 3. Double-check your project slug to make sure it's correct. If the problem persists after verifying these points, you may want to check the [Ory Network status](https://status.ory.sh/) or contact Ory support for further assistance.

To remove or reset a person's verified email in Ory, you need to use the Update Identity API endpoint. This process involves modifying the

verifiable_addresses

field of the identity. Here's the API request format:

PUT <https://YOUR_PROJECT_SLUG.projects.oryapis.com/admin/identities/{id}>

You need to replace

{id}

with the actual ID of the identity you want to update. The request body should be a JSON object containing the updated identity information. To remove or reset the verified email, you would need to either remove the

verifiable_addresses

field entirely or set the

verified

status to

false

for the email address in question. Here's an example of how you might structure your request:

bash curl -X PUT "<https://YOUR_PROJECT_SLUG.projects.oryapis.com/admin/identities/{id}>" \ -H "Authorization: Bearer ory_pat_YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{   "schema_id": "<preset://email>",   "traits": {     "email": "<mailto:user@example.com|user@example.com>"   },   "verifiable_addresses": [     {       "value": "<mailto:user@example.com|user@example.com>",       "verified": false,       "via": "email",       "status": "pending"     }   ] }'

In this example: - We're setting

verified

to

false

and

status

to

pending

to reset the verification status. - If you want to remove the verified email entirely, you could omit the

verifiable_addresses

field completely. Remember to replace

YOUR_PROJECT_SLUG

with your actual project slug,

{id}

with the identity's ID, and

ory_pat_YOUR_API_KEY

with your actual Ory API key. This information is based on the [Ory API Reference](https://www.ory.sh/docs/reference/api) and the [Ory documentation on importing identities](https://www.ory.sh/docs/kratos/manage-identities/import-user-accounts-identities), which includes information about handling verified addresses. Please note that modifying identity information directly via the API should be done with caution, as it can affect the user's ability to authenticate or recover their account. Always ensure you have proper backups and understand the implications of such changes.