Your software
My Mautic version is: 7.0.1
My PHP version is: 8.2.30
My Database type and version is: MySQL 8.4.9
I installed Mautic via: Zip
Your problem
My problem is:
Mautic returns a 401 “authorization grant is invalid” error on every email send attempt, even though the SendGrid API key is valid and works correctly when tested directly against SendGrid’s API.
Environment:
- LiteSpeed web server via cPanel shared/VPS hosting
- symfony/sendgrid-mailer (v7.4.0) installed via composer
- DSN configured in config/local.php as:
‘mailer_dsn’ => ‘sendgrid+api://apikey:SG.xxx@default’ - Domain authentication completed in SendGrid (DKIM/SPF/CNAMEs verified)
- Single sender hello@royaltymarketing.com verified
- Outbound HTTPS to api.sendgrid.com works (curl test below confirms)
Verification that the API key is valid:
- Running curl from the Mautic server:
curl -H “Authorization: Bearer $KEY” https://api.sendgrid.com/v3/scopes
Returns HTTP 200 with full scopes list including “mail.send” - Sending mail directly via curl to SendGrid’s /v3/mail/send endpoint with the same key successfully delivers to the inbox
Verification that DSN is correctly configured:
- grep mailer_dsn config/local.php shows the clean DSN, no whitespace or hidden characters
- hexdump confirms the DSN is byte-perfect (length 99 = 22-char prefix + 69-char key + 8-char suffix)
- Bug in app/bundles/ConfigBundle/Form/DataTransformer/DsnTransformer.php (PASSWORD_MASK = ‘
’) was previously corrupting the saved DSN with %F0%9F%94%92 prefix when saving via Configuration UI — avoiding that UI now and only editing local.php directly
These errors are showing in the log:
[2026-05-01T22:14:37+00:00] app.ERROR: [MAIL ERROR] Unable to send an email: The provided authorization grant is invalid, expired, or revoked(code 401). {“hostname”:“host.royaltymarketing.com”,“pid”:3866527}
This identical error appears on every send attempt regardless of which API key is in use (key has been rotated 4+ times, each tested working via curl before being installed).
Steps I have tried to fix the problem:
- Verified API key works via curl from the Mautic server — HTTP 200 to /v3/scopes, successful test send via /v3/mail/send
- Confirmed config/local.php has clean ‘mailer_dsn’ => ‘sendgrid+api://apikey:KEY@default’ (no lock-icon corruption)
- Tried using .env.local with MAUTIC_MAILER_DSN env var (Symfony 500-errored when present, removed)
- rm -rf var/cache/prod && php bin/console cache:warmup --env=prod --no-debug
- rm -rf var/tmp/twig
- Force-restarted LiteSpeed workers via touch tmp/restart.txt
- opcache_reset() via web request to confirm SAPI=litespeed picked up new code
- Verified php bin/console debug:dotenv shows MAUTIC_MAILER_DSN correctly loaded (when .env.local was present)
- Verified php bin/console debug:container --parameter=mautic.mailer_dsn shows %env(nullable:resolve:MAUTIC_MAILER_DSN)% (resolves at runtime)
- Verified DSN reaches LiteSpeed worker via __check.php — $_ENV[‘MAUTIC_MAILER_DSN’] is correct length (99) with no lock emoji
- Confirmed the symfony/sendgrid-mailer bridge package is installed (without it, the error message is different — “the bridge is not installed”)
- Tried SMTP via smtp.sendgrid.net:587 — outbound port 587 is blocked by host firewall (Connection refused)
What I’d expect:
Mautic should send the request to SendGrid’s API using my configured key.
What’s happening:
Mautic sends the request and SendGrid responds with 401, suggesting Mautic is sending the wrong/empty/garbled key — but I cannot find where the wrong value is coming from.
Has anyone seen this combination of “valid API key + correctly configured DSN + still gets 401” on Mautic 7 with LiteSpeed?