The API key you provided was not valid

I have created an API key in Octopus, and are trying to use a service connection from Azure DevOps, but I do get

Failed to query service connection API: 'https://***/api/spaces/all'. Status Code: 'Unauthorized', Response from server: '{ "ErrorMessage": "The API key you provided was not valid. Please double-check your API key and try again. For instructions on finding your API key, please visit:", "Errors": [] }'

I am an administrator in Azure DevOps and the Octopus Server 2021.3 (Build 8275), The integration is the latest one, and API Key length are verified same length.

I get the same result using Insomnia/Postman
X-Octopus-ApiKey: API-…

Hey @pal.lovik,

Thanks for reaching out and for all of the information.

This may have been a casualty of the API key copy-paste bug. When you copy-pasted it, did you click the little clipboard button? On some versions of some browsers, it actually doesn’t copy.

As a test can you please try creating a new API key and copying it via highlighting the key, right-clicking, hitting copy, and then trying it in Postman/ADO?

And to confirm when you go to https://***/api/spaces/all in your browser, you get the proper JSON and not an Unauthorized?

Please let me know how it goes!


1 Like

Well, actually, going to the URL I log in and I have no permissions. It’s an external URL for the Octopus Server. I have to talk to operations, cause if I log in directly on the server I do get my space and project. Maybe I need to get permissions in our external octopus configuration. Thank you, you got me on the right track, I think :smiley:

You’re very welcome! Please let me know how it goes if you get time, or if you need further assistance.


1 Like

I guess they have exposed octopus over https, but do you know if there are any mechanisms then for 2 sets of users? Since the same user I log in with doesnt have permissions if I go via the exposed one?

Sorry, I’m not sure I am 100% following. By that do you mean that you are using a service account for the API Key rather than your normal login?

I think operations have exposed Octopus via https, i.e., so when I go to that URL I get:

When I go via VPN to the server and login with same credentials, I get my space and project. Weird, but obviously, that’s why my API Key isn’t working as I have no permissions on the exposed Octopus instance.

Just to confirm, are these two separate Octopus instances? Sorry for the odd questions this setup is a bit new to me.

New to me to, just got into the project. This is what I’m wondering myself at this point. There might be different permissions set for the exposed and local Octopus. I’ll update when I get an answer over the weekend.

Awesome sounds great! I hope you have a great weekend!


This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.