# API02003: Token Invalid

## What This Means[​](#what-this-means "Directe link naar What This Means")

The authentication token being used is not recognized by the server. This is different from an expired token — this token was never valid or has been revoked.

## Common Causes[​](#common-causes "Directe link naar Common Causes")

* **Token revoked** — An administrator revoked the session
* **Token corrupted** — Data corruption during storage or transmission
* **Server reset** — Server secret keys changed, invalidating all tokens
* **Wrong server** — Token from a different WordPress installation

## Server Error Mapping[​](#server-error-mapping "Directe link naar Server Error Mapping")

This error code is triggered when the server returns:

| Server Code              | Source                    |
| ------------------------ | ------------------------- |
| `jwt_auth_invalid_token` | JWT Authentication plugin |

## How to Fix[​](#how-to-fix "Directe link naar How to Fix")

### 1. Log In Again[​](#1-log-in-again "Directe link naar 1. Log In Again")

Clear your session and authenticate fresh:

1. Log out completely
2. Close and reopen the POS
3. Log in with your credentials

### 2. Clear Application Data[​](#2-clear-application-data "Directe link naar 2. Clear Application Data")

If logging out doesn't work:

* Clear the POS app cache/data
* On web: Clear browser cookies and local storage for the site
* On desktop: Check app settings for a "Clear Data" option

### 3. Check Server Configuration[​](#3-check-server-configuration "Directe link naar 3. Check Server Configuration")

If the issue affects all users:

* Check if WordPress salts were changed
* Verify JWT or authentication plugin settings
* Review recent server changes

### 4. Verify You're on the Correct Server[​](#4-verify-youre-on-the-correct-server "Directe link naar 4. Verify You're on the Correct Server")

Ensure the POS is configured to connect to the right WordPress site, especially if you have multiple installations.

## Related Errors[​](#related-errors "Directe link naar Related Errors")

* [API02002](/nl/error-codes/API02002.md) — Token Expired
* [API02008](/nl/error-codes/API02008.md) — Refresh Token Invalid