I have replicated the 401 error and found the cause. When this error occured, the response headers contain the field 'errors' with a value 'User not logged in'. After a little bit of experimenting, I have worked out what I did to cause this.
Using Chrome*, open the Mango web interface and log in.
Open in another tab of the same window, a web application that utilised the Mango API and log in.
Separate the two tabs into different browser windows.
Log out from the web application and you will receive the 401 error.
*I haven't tried other browsers.
The two tabs utilise the same session cookie. The cookie must be associated with one of the two browser windows when the separation occurs. The domain of this cookie matches the domain in the address bar of the mango web interface so the browser understandably associates that cookie with the Mango web interface, not the web application. Now the web application does not have a log-in cookie.
- Don't do that.
- Have the Mango API deliver a different cookie.
- Set an expiry time on the cookie.
For me #2 is preferable but that may not play well with custom dashboards.