API Key is not valid

Dear Team,

Hope you are doing well.

We are trying to use a Service Connection from Azure DevOps to Octopus Server.
We were able to established the Service Connection using the API Key however we are getting error in “Push Packages to Octopus” step.

Error: The API key you provided was not valid. Please double-check your API key and try again. For instructions on finding your API key, please visit: How to Create an API Key | Documentation and Support
Error from Octopus server (HTTP 401 Unauthorized)
Exit code: -7
##[error]Process ‘Octo.exe’ exited with code ‘-7’.

Note: We have already double check the API Key and it is correct only.

Need your support here to resolve this issue.

Thanks & Regards,
Ayan Biswas

Good morning @ayan.biswas,

Thank you for contacting Octopus Support and welcome back to the forums!

I am sorry you are seeing issues with one of your API keys when trying to push a package to Octopus from Azure Dev Ops.

From what you mentioned your Service connection is working properly so it does look like the API key is correct but have you checked the permissions from the user using that API key? We have some documentation on this here if you have not had a chance to take a look yet.

Does the API key you are using have Octopus Managers or System Administrator permissions? If it does this wont be the issue here but if it does not are you able to test using a Service Account in Octopus or an account which has System Administrator or Octopus Manager permissions and see if you get the same error when using that in your service connection.

If you are still struggling after this can you send us the latest full build log from Azure DevOps for that failed deployment please and I can take a look for you. You can send it through via our secure site here, let me know once you have uploaded the log and I will see if I can sport anything.

I look forward to hearing from you,
Kind Regards,
Clare

Dear @clare.martin,

Thanks for your response.

As suggested, we have checked from our end and can confirm that the API key is having Octopus Manager permission however still we are getting same error.

As asked, we uploaded the full build login in your secure site.
Log File Name: RawLogs.txt

Note: Just FYI, we are using Azure DevOps server On-premises version.

Thanks & Regards,
Ayan Biswas

Hey @ayan.biswas,

Thank you for sending us those logs through and for also checking permissions on the account with the API key.

Can you confirm your Octopus Server version for me as I did see was you are using a very old version of our ADO plugin and I want to make sure that is compatible with your Octopus Server version, we have a compatibility guide here - you need to be looking for the Octopus CLI version and it seems you are using version 4.30.7 which is only compatible with Octopus 2018.2 ➜ 2018.12.

It looks like your build logs show the push command does not include a space ID (spaces were introduced in 2019.1):

##[command]"E:\ADOPool-Agent1\_work\_tasks\OctopusPush_d05ad9a2-5d9e-4a1c-a887-14034334d6f2\2.0.95\Octo.exe" push --server=http://xxxxxxx/octopus/ --apiKey=*** --package="\\xxxxxxxx.zip"

On mine the push command looks like this:

C:\ProgramData\chocolatey\bin\octo.exe push --space Spaces-1 --overwrite-mode FailIfExists --enableServiceMessages --package C:/agent/_work/4/a/target/RandomQuotesADOLocalMaven.0.1.9.jar --server http://192.168.0.201/ --apiKey ***

This should not matter as long as you have the default space selected for the pipeline, are you able to confirm you do have that space selected:

image2571×508 60.7 KB

Can you also confirm the account used for the API key is not scoped to a particular space for the Octopus Manager permission as if it is you might be trying to push the package to a space that the API key does not have permissions for.

Taking a look at the logs the error occurs on the push package but there are no other steps that connect to the Octopus Server before that so its hard to tell if the service connection is actually working correctly or not.

Can you make sure you have the ‘Grant Access to all pipelines’ box ticked for your service connections and the API key actually starts with API-

IE API-FIII8NDOXXXXXXXXXXXXXM6NNNUOMDS

image3418×1516 349 KB

If all of those settings are correct I was wondering if you could try this outside of ADO and run it on a machine that has access to the Octopus Server (you could run it on the Octopus server if you have access).

All ADO is doing is using the Octopus CLI to push a package to Octopus using the Push command.

Would you be able to install the Octopus CLI on a machine that can access the Octopus Server and try running a very simple command such as Listing Environments.

If you get the same error there is definitely something wrong with that API key as we would have taken ADO and networking (if running on the Octopus Server) out of the equation.

You can download the Octopus CLI here but it only goes back to version 7.0 so if this works you may need to upgrade your ADO plugin using the compatibility documentation I posted up to the correct version for your Octopus server version.

The first thing I would do here is see if your Octopus Server version is indeed compatible with the Octopus CLI version you are using as unless you are still running Octopus Server 2018 you will need to start by upgrading your ADO plugin to get the new Octopus CLI version (that linked documentation goes through how to use the Octopus CLI in your build pipelines).

Let me know if you have any questions about what I mentioned as I realise there is a lot of information to digest here.

Kind Regards,
Clare

Dear @clare.martin,

Thanks for your inputs.

As mentioned from your end, we have taken all the necessary actions like Octopus Server (V2023.3 Build 13033) Upgrade and Octopus CLI update with the latest version however still we are getting the same error.

We uploaded the latest full build Log File in your secure site.
Log File Name: RawLogs-27Sep.txt

Space1480×259 57.6 KB

Permission1876×801 130 KB

Kindly have a look into the log file and suggest further.

Kind Regards,
Ayan

Hey @ayan.biswas,

I am sorry it has taken so long to get back to you, I wanted to update my ADO so it was on similar versions to what you are using.

Thank you for those logs and for upgrading all your software to the latest versions, unfortunately there is not much we can do here, everything points to an API key that does not have permissions to access your Octopus instance or it is invalid.

My On-premise ADO logs for the same push package show this:

2023-09-27T16:22:46.1241229Z Task         : Push Package(s) to Octopus
2023-09-27T16:22:46.1241279Z Description  : Push your NuGet or Zip package to your Octopus Deploy Server. **v6 of this step requires Octopus 2022.3+**
2023-09-27T16:22:46.1241355Z Version      : 6.0.599
2023-09-27T16:22:46.1241396Z Author       : Octopus Deploy
2023-09-27T16:22:46.1241435Z Help         : Version: 6.0.599. [More Information](https://g.octopushq.com/TFS-VSTS)
2023-09-27T16:22:46.1241493Z ==============================================================================
2023-09-27T16:22:46.3972708Z Uploading package, RandomQuotesADOLocalNuget.1.0.41.nupkg...
2023-09-27T16:22:46.6676364Z Packages uploaded
2023-09-27T16:22:46.6774346Z ##[section]Finishing: Push Packages to Octopus
2023-09-27T16:22:46.6792769Z ##[section]Starting: Checkout repository@master to s

So you can see the package being uploaded and completes the upload, the commands executed before the upload would be the push package CLI command that I mentioned in one of the linked documents and that would need to authenticate with your Octopus Server before it starts the package upload. You cannot see this in the log but you can tell mine does authenticate as it pushes the package and yours does not as it does not even try to push the package it just flat out fails before it logs the package push.

That suggests the API key does not even have the permissions to access your Octopus Server:

2023-09-27T11:16:49.3420758Z Task         : Push Package(s) to Octopus
2023-09-27T11:16:49.3420926Z Description  : Push your NuGet or Zip package to your Octopus Deploy Server. **v6 of this step requires Octopus 2022.3+**
2023-09-27T11:16:49.3421250Z Version      : 6.0.599
2023-09-27T11:16:49.3421385Z Author       : Octopus Deploy
2023-09-27T11:16:49.3421546Z Help         : Version: 6.0.599. [More Information](https://g.octopushq.com/TFS-VSTS)
2023-09-27T11:16:49.3421774Z ==============================================================================
2023-09-27T11:16:49.8364334Z ##[error]"Failed to execute push. The API key you provided was not valid. Please double-check your API key and try again. For instructions on finding your API key, please visit: https://oc.to/ApiKey

Did you manage to install the CLI on your Octopus Server and run the list environments command I mentioned with the same API key and does that authenticate and bring back a list of environments?

I am really sorry I cant be of more help just yet here but all the logs we have so far show a flat out refusal to connect to your Octopus instance due to the API key being invalid.

You do not have a network proxy or load balancer do you that may be messing with the command being sent to Octopus? That is the only thing I can think of if you are 100% sure that API key is correct and you have tried it outside of your build server directly via the Octopus CLI and it does bring back a list of environments.

If you do have a proxy it may be inspecting the push package command and the API key may become corrupted or have its value changed if the network packet gets inspected and rerouted via the proxy. I have not seen this before but it would depend on how your proxy is setup as to what it is doing.

The next step here would be to install the Octopus CLI on the Octopus Server and run that list environment command I mentioned in my previous comment and see if you get the same error from that.

Hopefully we can get somewhere with this soon.
Kind Regards,
Clare

Dear @clare.martin,

We installed the Octopus CLI on our Octopus server per your recommendations, and the “Push Packages to Octopus” issue is now resolved.

Screenshot 2023-09-28 1152321912×751 160 KB

Thank you for your prompt responses, ongoing assistance, and guidance in resolving the situation.

Much Appreciated!

Kind Regards,
Ayan

Hey @ayan.biswas,

Fantastic news that solved the issue for you, I am so glad that worked and you can now run the build pipeline with no issues!

Reach out in future if you need further assistance as we are always on hand to help.

Kind Regards and Happy Deployments,
Clare

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.