diff --git a/CHANGELOG.md b/CHANGELOG.md
index f13bb38..d5b5b09 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,15 @@
 
 All notable changes to the `cryptohopper` crate are documented in this file.
 
-## 0.1.0-alpha.1 — Unreleased
+## 0.1.0-alpha.2 — Unreleased
+
+### Fixed
+- **Critical: every authenticated request was rejected by the API gateway.** The transport sent `Authorization: Bearer <token>`, which the AWS API Gateway in front of `api.cryptohopper.com/v1/*` rejects (`405 Missing Authentication Token`). Cryptohopper's Public API v1 uses `access-token: <token>` — confirmed by the official [API documentation](https://www.cryptohopper.com/api-documentation/how-the-api-works) and the legacy iOS/Android SDKs. Switching to send `access-token`. The `Authorization` header is no longer set.
+
+### Compatibility
+No public-API change. Resource methods keep their signatures.
+
+## 0.1.0-alpha.1 — 2026-04-24
 
 Initial release. Full coverage of all 18 public API domains from day one.
 
diff --git a/Cargo.toml b/Cargo.toml
index ce1a860..69f9dde 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cryptohopper"
-version = "0.1.0-alpha.1"
+version = "0.1.0-alpha.2"
 edition = "2021"
 rust-version = "1.76"
 authors = ["Cryptohopper <info@cryptohopper.com>"]
diff --git a/src/client.rs b/src/client.rs
index 71e4446..08ae378 100644
--- a/src/client.rs
+++ b/src/client.rs
@@ -274,8 +274,11 @@ impl Transport {
             builder = builder.query(q);
         }
 
+        // Cryptohopper Public API v1 uses `access-token: <token>`, not the
+        // OAuth2-conventional `Authorization: Bearer <token>`. The gateway
+        // in front of the API rejects Bearer with a SigV4 parse error.
         builder = builder
-            .header(header::AUTHORIZATION, format!("Bearer {}", self.api_key))
+            .header("access-token", self.api_key.as_str())
             .header(header::ACCEPT, "application/json")
             .header(header::USER_AGENT, &self.user_agent);
 
diff --git a/tests/client_tests.rs b/tests/client_tests.rs
index 4a7f074..b8d98f9 100644
--- a/tests/client_tests.rs
+++ b/tests/client_tests.rs
@@ -15,11 +15,11 @@ fn build(server: &MockServer) -> Client {
 }
 
 #[tokio::test]
-async fn sends_bearer_user_agent_and_unwraps_data() {
+async fn sends_access_token_user_agent_and_unwraps_data() {
     let server = MockServer::start().await;
     Mock::given(method("GET"))
         .and(path("/user/get"))
-        .and(header("Authorization", "Bearer ch_test"))
+        .and(header("access-token", "ch_test"))
         .and(header("Accept", "application/json"))
         .and(header_exists("User-Agent"))
         .respond_with(ResponseTemplate::new(200).set_body_json(json!({"data": {"hello": "world"}})))