Connection Tester and JS client both fail with ‘invalid authorization token’ on new API key

Getting Started
1

Hi,

I’m trying to connect to a LiveKit Cloud project from a local Node/React setup, but I consistently get “invalid authorization token” errors, even when using the official Connection Tester.

Project setup

  • LiveKit Cloud project URL: wss://<my-project>.livekit.cloud

  • I generated a new API key and secret from the project’s “API Keys” section.

  • I copied the WebSocket URL, API Key and API Secret directly from the “Key generated” popup.

  • I used the same URL / key / secret in:

    • the Connection Tester ( Connection Tester | LiveKit )

    • my backend .env.local file (Node server that generates tokens with livekit-server-sdk).

Connection Tester behavior

On the Connection Tester page, with the correct URL / key / secret filled in, I get:

  • “Connecting to signal connection via WebSocket”

  • Then repeatedly:
    Initial connection failed with error invalid authorization token. Retrying with region fallback
    Error: Could not fetch region settings:
    Error: could not establish signal connection: invalid authorization token

  • Final result: FAIL (invalid authorization token)

So the official tester cannot authenticate against my project with a newly generated key/secret.

Backend token generation

On my backend (Node + livekit-server-sdk), I generate tokens like this (simplified):

js

**import { AccessToken } from 'livekit-server-sdk'

const token = new AccessToken(LIVEKIT_API_KEY, LIVEKIT_API_SECRET)
token.identity = effectiveParticipantIdentity
token.name = effectiveParticipantName

token.addGrant({
video: {
roomJoin: true,
room: effectiveRoomName,
canPublish: true,
canSubscribe: true,
},
})

const jwt = await token.toJwt()**

The backend returns:

json

{
"token": "<jwt>",
"url": "wss://<my-project>.livekit.cloud",
"roomName": "demo-room",
"identity": "user-...",
"name": "..."
}

From the browser (LiveKit JS client), trying to connect with room.connect(url, token) fails with:

  • ConnectionError: could not establish signal connection: invalid token

What I’ve already tried

  • Regenerated multiple API keys for this project, deleted old ones, kept only one active key.

  • Carefully copy–pasted URL, key and secret into:

    • the Connection Tester

    • backend .env

  • Verified that the backend is definitely using the latest .env.local and that it returns the correct Cloud URL.

  • Tokens returned by my backend look structurally correct (include video.room, roomJoin, canPublish, canSubscribe, etc.).

Question

Given that:

  • the Connection Tester itself fails with “invalid authorization token” for this project, even with a freshly generated key/secret, and

  • my backend tokens are generated using the documented AccessToken pattern,

is there anything project‑level that could cause all tokens for this project to be considered invalid (e.g., misconfiguration, project state, region issue, or a known bug)?

What should I check on the project/account side, or could someone from the LiveKit team inspect this project to see why every token is rejected as “invalid authorization token”?

Thanks in advance for any guidance.

2

Whilst it’s not an official tool, you can use LiveKit Token Validator to validate your token. That should help you understand why you are seeing invalid authorization token