[REST API] 401: invalid key

Hi Trello community,

I’m Raul from Hubstaff and I’m responsible for our Trello integrations.

We’ve recently seen an increased number of 401: invalid_key errors for some of our Trello integrations.

This issue is resolved if the integration reauthenticates with Trello and we receive a new token, but this is not reliable at all and we have a few customers that lately have become irritated because they have to do this daily.

For instance we have one customer that integrate with the organization with ID 5a97637d005e140a289326fe.

Their integration received this errors on:

  • Thu, Feb 13, 2020 15:13:59 UTC
  • Thu, Feb 20, 2020 08:21:20 UTC
  • Fri, Feb 21, 2020 17:09:36 UTC
  • Tue, Feb 25, 2020 16:19:03 UTC

Can you tell me why these occur?

I’ve noticed that lately, you had system issues according to your status page, but they don’t seem to correlate all the time.

Any further insight on this would be highly appreciated. I can provide more details if needed.

/cc @bentley

What is the API key you are using and what is the route that this is happening on?

The API key is REMOVED

And the request is for GET https://api.trello.com/1/search?query=*&idOrganizations=5a97637d005e140a289326fe&modelTypes=cards&card_list=true&cards_limit=275&card_fields=due,dueComplete,idMembers,idList,closed,dateLastActivity,desc,name,shortUrl and we pass in two additional arguments idCards + idBoards to which unfortunately I can’t find the values in our logs as we’re making them through our background processor and we don’t have any logging set up for that, nor can I find the exact error in our bug tracker to find all the parameters.

I do know the timestamps because we have an audit logging set up for when a Trello integration gets disabled.

I do have another occurence to which I have all the details though:

  • API key is REMOVED
  • Timestamp occurrence: Feb 28, 2020 13:52:59 UTC
  • Endpoint: GET https://api.trello.com/1/organizations/5df31007670aa98f0870c403/boards?fields=name,shortLink&filter=open

We seem to have gotten almost ~60 invalid key errors on the 13th of Feb, only a handful of them happened afterwards.

Hope this helps and gives you enough info to figure out why it happens.

We dug into this and it seems that the 401s for these errors were coming from bad tokens and not an invalid key.

Thanks @bentley for the help on hunting this down! :bowing_man:

1 Like