13.2.1 Possible causes ¶

• The bearer token in the client doesn’t match OWNSONA_API_TOKEN in the deployed application.ini.
• You edited the source application.ini but didn’t rebuild the WAR. The deployed WAR still has the old token baked in. Fix: ./bld -v build && ./bld war && cp work/Kiss.war /home/ownsona/tomcat/webapps/ROOT.war.
• The client is sending the token to a stale URL (e.g. pointing at a test deployment after you rotated the token).

13.2.2 Verify ¶

curl -sS -X POST https://<host>/mcp \
    -H "Authorization: Bearer $OWNSONA_API_TOKEN" \
    -H "Content-Type: application/json" \
    -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{}}'

200 with a server-info payload means the server is healthy and the $OWNSONA_API_TOKEN env var matches.