The 2am page nobody wants Last month I got the page every developer dreads. A scheduled job that's been quietly running for two years started spitting 401 Unauthorized at every request. The target was a fleet of network-connected hardware sitting on our office LAN. No code had changed. No certificates had expired. The only thing that had moved was the vendor's firmware, which had auto-updated overnight. If you've ever built tooling against a vendor's local-network API and watched it die after a forced firmware push, this one's for you. I want to walk through how I diagnosed it, the workaround I shipped that afternoon, and the architectural changes I made afterward so I never have to do this again. What actually broke The symptom was clean: every HTTP call to the device's LAN endpoint returned 401. The device still responded to ICMP. The web UI on the device still worked. But anything calling the documented local API now demanded a token it had never required before.…