Key Not Found
key_not_found404
No API key with that ID exists in your account, or you don't have permission to access it.
What this means
A request tried to look up, modify, or revoke a specific API key by its ID, and we couldn't find a matching key under the calling account. This is a dashboard/management operation, not an authentication failure — the request itself was authenticated successfully. The key being looked up just isn't yours, or doesn't exist at all.
When you'll see this
- A dashboard UI tried to load details for a key that was already revoked or deleted.
- A management script referenced a key ID from a different environment or a different account.
- A copy-paste introduced a typo in the key ID.
- The key was created and immediately revoked in a previous test, and stale state is referencing it.
Learn more about how this works
Key lookups are account-scoped. A key ID that exists for account A returns key_not_found when looked up by account B — we don't disclose whether the ID exists somewhere else. Like account lookups, this is deliberate: a working "does this key ID exist anywhere" oracle would be useful for attackers and useful for almost nobody else.
The most common gotcha: this is not about authenticating with a key (that's api_key_not_found, which is the 401 path during a real request). This error is about managing a key from the dashboard or management API. Different layer, different fix.
Example response
{
"success": false,
"error": "key_not_found",
"message": "API key not found or you do not have permission to access it.",
"details": [],
"retry_after": null,
"doc_url": "https://docs.asterwise.com/reference/errors/key_not_found",
"request_id": "req_01HXYZABCDEFGH",
"timestamp": "2026-05-25T12:34:56Z"
}
- Sign in at asterwise.com/dashboard and open the API Keys page to see your current key IDs.
- Compare against the ID in the failing request — typos and copy-paste artifacts are the leading cause.
- If the key was created in a different account (consulting, agency, multi-tenant work), switch to that account's session and retry.
Hard 404 — don't retry, surface clearly, route to the dashboard.
Python:
Production handler
- Python
- TypeScript
import httpx
class KeyNotFoundError(Exception):
"""API key not found under this account."""
def get_key(key_id, base_url, headers):
response = httpx.get(
f"{base_url}/v1/keys/{key_id}",
headers=headers,
timeout=10,
)
if response.status_code == 404:
body = response.json()
if body.get("error") == "key_not_found":
raise KeyNotFoundError(
f"Key {key_id} not found. "
f"List keys at asterwise.com/dashboard."
)
response.raise_for_status()
return response.json()
class KeyNotFoundError extends Error {}
async function getKey(keyId: string, baseUrl: string, headers: HeadersInit) {
const response = await fetch(`${baseUrl}/v1/keys/${keyId}`, { headers });
if (response.status === 404) {
const body = await response.json();
if (body.error === "key_not_found") {
throw new KeyNotFoundError(
`Key ${keyId} not found. ` +
`List keys at asterwise.com/dashboard.`,
);
}
}
if (!response.ok) throw new Error(`HTTP ${response.status}`);
return response.json();
}
Avoid this error by
- Always list keys (GET
/v1/keys) before referencing a specific key ID. Stale references are the leading cause of this error in management scripts. - Don't hardcode key IDs across environments — staging IDs don't exist in production and vice versa.
- When revoking a key, treat subsequent lookups of that ID as expected failures rather than errors. Revoked keys are gone.
- If you're building team tooling that manages keys for multiple users, store the owning account alongside every key ID so you query the right account context.