<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=25915) </details> <!--IssueSummary end--> When I use a private-token to approve a merge request always return 401. As following: ``` POST https://xxx.com/api/v4/projects/project_id/merge_requests/meger_request_id/approve ``` - headers contained `PRIVATE-TOKEN` ```json { "message": "401 Unauthorized" } ```