Hello Railway Support,

I’m encountering persistent unauthorized errors when deploying via the CLI with a token.

Steps to Reproduce

1. railway logout && rm -rf ~/.config/railway (to clear state)

2. export RAILWAY_TOKEN="$(printf %s "<TOKEN>")"

3. railway whoami

4. railway up -v

Expected Result

• railway whoami should succeed (for user token) and railway up should deploy successfully.

• For a deploy token, railway up should work in a linked directory.

Actual Result

• railway whoami → unauthorized

• railway up → unauthorized (no additional actionable detail)

Troubleshooting Tried

• Cleared auth state: railway logout and removed ~/.config/railway

• Ensured token has no trailing newline (used printf), verified env var present

• Updated CLI to latest and re-tested

• Verified project link: .railway/project.json present (railway link <PROJECT_ID>)

• Selected environment/service explicitly: railway environment <ENV> and railway up --service <SERVICE>

• Checked system time sync and disabled proxy/mitm temporarily

When I use railway login everything works fine.

Questions

1. Is it expected that deploy/service tokens return unauthorized for whoami? (If so, can you confirm the minimal required context for railway up to succeed with such tokens?)

2. Can you verify on your side whether this token is valid/not revoked and mapped to the project/environment above?

3. Are there any recent permission/scope changes to tokens that could cause this behavior?

Happy to provide additional logs or run any debug builds if helpful.
Thanks in advance!