Summary
SkillFM Beacon local activation fails on Windows with device_authorization_failed / AUTH.UNAUTHORIZED, and the sfm_brain_... Brain Key created from the web account returns 403 on brain/run.
Environment
- OS: Windows
- Package:
@skillfm/local@2.7.19
- Sidecar:
http://127.0.0.1:19821
- Web account can log in at
https://app.skillfm.ai/ / account settings
- Brain Key has been created from the web account, format:
sfm_brain_...
- SAFE context was injected into Claude/Codex successfully
- Full Brain Key is intentionally not included here
Reproduction
1. Start local sidecar
npx -y -p @skillfm/local@latest skillfm-local start
Sidecar runs on http://127.0.0.1:19821.
2. Try local device activation
Invoke-RestMethod -Method Post -Uri "http://127.0.0.1:19821/activate/start"
Actual response:
{
"ok": false,
"error": "device_authorization_failed",
"upstream": {
"ok": false,
"data": null,
"error": {
"code": "AUTH.UNAUTHORIZED",
"message": "missing or invalid credentials"
},
"meta": { "version": "v2" }
}
}3. Try brain/run with web-created Brain Key
Using the latest sfm_brain_... Brain Key:
POST https://api.skillfm.ai/v1/brain/runPOST https://api.skillfm.ai/api/v1/brain/run
Both return 403.
4. Sidecar status remains unactivated
Invoke-RestMethod -Uri "http://127.0.0.1:19821/status"
{
"ok": true,
"activated": false,
"version": "2.7.19"
}Expected behavior
One of the following should work:
/activate/start returns a valid device authorization URL/code, or- the web-created
sfm_brain_... key can be used by the local sidecar / brain/run, or
- documentation explains the correct activation path and required token type.
Questions
- Should
sfm_brain_... keys created from the web account support brain/run?
- Does
@skillfm/local@2.7.19 /activate/start require an additional client credential?
- Should the Windows sidecar use
/v1 or /api/v1?
- Is there a newer activation flow or package version that should be used instead?
Thanks.
Summary
SkillFM Beacon local activation fails on Windows with
device_authorization_failed/AUTH.UNAUTHORIZED, and thesfm_brain_...Brain Key created from the web account returns403onbrain/run.Environment
@skillfm/local@2.7.19http://127.0.0.1:19821https://app.skillfm.ai// account settingssfm_brain_...Reproduction
1. Start local sidecar
Sidecar runs on
http://127.0.0.1:19821.2. Try local device activation
Actual response:
{ "ok": false, "error": "device_authorization_failed", "upstream": { "ok": false, "data": null, "error": { "code": "AUTH.UNAUTHORIZED", "message": "missing or invalid credentials" }, "meta": { "version": "v2" } } }3. Try
brain/runwith web-created Brain KeyUsing the latest
sfm_brain_...Brain Key:POST https://api.skillfm.ai/v1/brain/runPOST https://api.skillfm.ai/api/v1/brain/runBoth return
403.4. Sidecar status remains unactivated
{ "ok": true, "activated": false, "version": "2.7.19" }Expected behavior
One of the following should work:
/activate/startreturns a valid device authorization URL/code, orsfm_brain_...key can be used by the local sidecar /brain/run, orQuestions
sfm_brain_...keys created from the web account supportbrain/run?@skillfm/local@2.7.19/activate/startrequire an additional client credential?/v1or/api/v1?Thanks.