Based on other posts in the forum I've been authenticating to the WeatherKit REST API like so for a few weeks now: Node const privateKey = `-----BEGIN PRIVATE KEY----- // redacted -----END PRIVATE KEY-----` const teamId = 'myteamid' const serviceId = 'myserviceid' const keyId = 'keyed' const appId = 'appid' const jwt = jsonwebtoken.sign({}, privateKey, { jwtid: `${teamId}.${appId}`, issuer: teamId, expiresIn: '1h', subject: appId, header: { alg: 'ES256', kid: keyId, id: `${teamId}.${appId}`, }, }) // Get coordinates from parameters const latitude = request.params.latitude const longitude = request.params.longitude // Get current weather from WeatherKit const { data } = await axios.get(`https://weatherkit.apple.com/api/v1/weather/en/${latitude}/${longitude}?dataSets=${dataSets}&timezone=US/Eastern&countryCode=us`, { headers: { "Authorization": `Bearer ${jwt}` } }) A few hours ago, I began seeing all requests return: [AxiosError: Request failed with status code 401] { code: 'ERR_BAD_REQUEST', I'm wondering if something changed about the format. I do recognize the docs may show some keys of different names for example subject being sub, however I've never gotten this to work with what the docs show and only found from forum posts that this format works. I tried following the current docs just now as well in case anything had changed, changing the jwt construction to look like so: const iat = new Date().getTime() // Add 1hr to iat in ms const exp = iat + 3600000 const jwt = jsonwebtoken.sign({}, privateKey, { jwtid: `${teamId}.${appId}`, subject: appId, header: { alg: 'ES256', kid: keyId, id: `${teamId}.${appId}`, iss: teamId, iat, exp, }, })