a month ago
Railway CLI railway whoami, railway project list)
Unauthorized. Please check that your RAILWAY_TOKEN is valid and has access to the resource you're trying to use.
Railway GraphQL API https://backboard.railway.com/graphql/v2, query: me { id email name })
Not Authorized
Am I creating the correct kind of Railway token for CLI and API access?
What permissions or scopes are required for whoami, project listing, and project/service management?
Is there any reason a valid token would still return Unauthorized even for a basic me query?
What is the correct way to allow an external automation assistant to manage my Railway project securely?
If needed, I can also provide the exact commands I used, but at the moment the failure is consistent across both CLI and direct API calls.
7 Replies
a month ago
There are different token types with different scopes and headers. Account tokens and workspace tokens use the Authorization: Bearer header and are created at railway.com/account/tokens. Project tokens use the Project-Access-Token header instead and can only access a single environment, so a me query will not work with a project token. For CLI commands like railway whoami and railway list, set RAILWAY_API_TOKEN (account or workspace token), not RAILWAY_TOKEN (which is for project tokens). Full details are in our Public API docs.
Status changed to Awaiting User Response Railway • about 1 month ago
Status changed to Awaiting Railway Response Railway • about 1 month ago
a month ago
Your screenshot shows the Project Settings token page, which creates project tokens. These only work with the RAILWAY_TOKEN variable and the Project-Access-Token header, and they cannot access account-level queries like me or whoami. For your Manus AI automation, you need an account token created at a different location: railway.com/account/tokens. When creating it, select "No workspace" for full account access. Then have your automation use RAILWAY_API_TOKEN (not RAILWAY_TOKEN) for CLI commands, and the Authorization: Bearer header for API calls. Our Public API docs cover the details of each token type and how to authenticate with them.
Status changed to Awaiting User Response Railway • about 1 month ago
a month ago
Let me try,I will try token with Veveeavatar project
Status changed to Awaiting Railway Response Railway • about 1 month ago
a month ago
Railway CLI Shown unauthorized
a month ago
Even I try with no workspace
a month ago
This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.
Status changed to Open Railway • about 1 month ago
a month ago
If you have an account/workspace token, you must use RAILWAY_API_TOKEN. (RAILWAY_API_TOKEN=<TOKEN> railway <COMMAND>)
If you have a project-scoped token, you must use RAILWAY_TOKEN. (RAILWAY_TOKEN=<TOKEN> railway <COMMAND>)
Also, as mentioned above, project-scoped tokens cannot run commands such as whoami.