It is most likely due to a mismatch between the type of your user primary key and the mixin type inherited by your UserManager. This discrepancy causes errors during token parsing, leading to a situation where the user is considered non-existent, which results in a 401 Unauthorized response.