In this article, we will see how to solve "token can not be verified: Full authentication is required to access this resource" error while trying to access some resource using a REST API endpoint. This is a pretty common error which lots of folks receives while trying to request a resource by sending GET request to an API endpoint. You may encounter this error in any of the client applications such as curl or postman depending on what you are using to interact with REST API endpoint.

What is JWT Token

JWT, also known as JSON Web Token is a self-contained, digitally signed security token designed to safely carry identity and authorization information between systems in a compact and portable form. Unlike traditional session-based mechanisms, a JWT holds all the necessary claims about a user or client within the token itself, allowing servers to verify trust without storing session data.

What makes a JWT unique is its three-part structure - header, payload, and signature - which together ensure integrity and authenticity. The header defines how the token is secured, the payload contains structured claims such as user identity, roles, permissions, and expiration time, and the signature cryptographically binds the token to its issuer. This signature allows any receiving system to independently validate that the token has not been altered and was issued by a trusted authority.

JWTs are widely used in modern, distributed architectures because they are stateless, scalable, and language-agnostic. Once issued, a JWT can be passed between clients, APIs, and microservices to prove identity and access rights without repeated database lookups. Although the payload is encoded and readable, the cryptographic signature ensures that the data cannot be modified without detection, making JWTs suitable for secure authentication and authorization flows when used with best practices.

In a real world, a JWT token acts as a secure digital passport - compact enough to travel with every request, trustworthy enough to validate identity, and flexible enough to support modern cloud-native and API-driven applications.

Solved "Token can not be verified: Full authentication is required to access this resource"

Also Read: Solved "colima start showing FATA[0004] error starting vm: error at starting: exit status 1"

In my case, I got "token can not be verified: Full authentication is required to access this resource" error in Postman while trying to send a GET request to my REST API endpoint. This error could occur due to multiple reasons but most of the time it occurs when correct API  Key is provided in header request but bearer jwt authentication token has not been passed in header while sending GET request. So basically when I checked Headers section in my Postman application, I noticed below api-key was there in key value section:-

api-key   X9f3K2LmA8QwR7T6ZB1C0YpEJH5N4M

But when I checked the Authorization section, I noticed Bearer Token was not given and hence not getting passed in Headers section in Postman and hence resulting in "token can not be verified: Full authentication is required to access this resource" error. So, in order to fix this issue, it is absolutely required to generate jwt token first and then provide that token as Bearer Token in Auth Type. It should look something like below in Postman:-

Auth Type: Bearer Token
Token: eyJhbGciOiJIUzI1NiIsInR5c........

It is important to make sure that above jwt token is not expired. After providing correct bearer token, if you click on Send again, you will notice that Authorization section in Headers is populated with hidden values as you can see below and then a request is sent again to REST API endpoint. If your token is valid then you will see a response from API. This should fix your issue.

Sometimes, it is also possible that you might provide authentication token but forgot to provide api-key in headers section. In this case, you will see another error called "No API key found in request" on Postman JSON output. If you see this error on output then all you need to do is to just provide api-key in Key section and the respective key data in Value section. Please do not provide default x-api-key in Headers section as sometimes it does not work. It works only if you provide api-key in Key section. Hope this helps. Please let me know your feedback in comment section.

In this article, we will see how to fix colima error  " FATA[0004] error starting vm: error at starting: exit status 1"  which you may encounter during starting colima instance. It is a free and lightweight command line tool for MacOS and Linux based systems that provides docker container runtimes to locally run the workload with minimal setup required. Colima has been popularly used by many developers and programmers as an alternative to Docker desktop. Although it is very easy to use as compared to other docker runtimes available out there but occasionally we may get hit by error sometimes.

One of such error you can see is "FATA[0004] error starting vm: error at starting: exit status 1"  during startup of the instance if it did not stopped or deleted properly before due to whatever reasons. In my case, after installing colima through homebrew, I started VM instance and then using it to run my workload locally but after completion of my work I forgot to shutdown or delete properly and ended up terminating it.

Solved "colima start showing FATA[0004] error starting vm: error at starting: exit status 1"

Also Read: Solved "HPA and KEDA(ScaledObject) terminating manually scaled up pods in Kubernetes"

After termination of instance, when I tried to start it again using same colima start command, it was throwing below error on output and failed to start.

cyberithub@macos1066 % /opt/homebrew/opt/colima/bin/colima start -f
INFO[0000] starting colima
INFO[0000] runtime docker
INFO[0000] starting ...
> Using the existing instance "colima"
> Starting the instance "colima" with internal VM driver "vz"
> [hostagent] hostagent socket created at /Users/cyberithub/.colima/_lima/colima/ha.sock
> [hostagent] Starting VZ (hint: to watch the boot progress, see "/Users/cyberithub/.colima/_lima/colima/serial*.log")
> exiting, status={Running:false Degraded:false Exiting:true Errors:[] SSHLocalPort:0 CloudInitProgress:<nil>} (hint: see "/Users/cyberithub/.colima/_lima/colima/ha.stderr.log")
FATA[0004] error starting vm: error at 'starting': exit status 1

Above error usually occurs when the existing instance did not deleted or shutdown properly. In case you also face this kind of situation then to fix above error and to start instance, you have to first delete the instance and all its settings using colima delete command as shown below.

cyberithub@macos1066 % colima delete
are you sure you want to delete colima and all settings? [y/N] y
INFO[0003] deleting colima
INFO[0004] done

And then only you can again try to start vm instance by using colima start command.  You may notice that this time it will start without any error as shown below.

cyberithub@macos1066 % /opt/homebrew/opt/colima/bin/colima start -f
INFO[0000] starting colima
INFO[0000] runtime: docker
INFO[0002] creating and starting ...          context=vm
INFO[0021] provisioning ...                   context=docker
INFO[0023] starting ...                       context=docker
INFO[0025] done 
INFO[0025] keeping Colima in the foreground, press ctrl+c to exit...

And that's it. You can now continue with your work. You can also explore other colima commands such as colima stop to stop any running vm.

cyberithub@macos1066 % colima stop

To check current running status of colima, run colima status command as shown below.

cyberithub@macos1066 % colima status

Hope it helps !! Please let me know your feedback in comment box !!