Troubleshoot API Key Issues in Confluent Cloud

Below are some frequently encountered issues, with information and tips on resolving the issues.

API key was accidentally deleted


When a resource is deleted, associated API keys are also deleted.

The deletion of an API key is a permanent action. If you accidentally delete an API key, contact Confluent Support as soon as possible. Although not guaranteed, Confluent Support might be able to restore the deleted API key.

To verify if an API key has been deleted, you can use the confluent api-key list Confluent CLI command.

Authentication failure

If your client stack trace shows authentication failures, here are some possible causes:

  • Deleted user account

    When a user account is deleted, all API keys associated with that account will be deleted.

  • Resource API key authentication failed

    If you try to use an API key before propagation completes, authentication failures occur. Depending on workloads, you might need to wait a few minutes more and try again.

Authorization failure

If your client stack trace shows authorization failures, here are some possible causes:

  • Invalid API Key/Secret
  • Incorrect permissions or configuration
  • Scoped to the wrong resource

Rotated API key and application failed

If you rotate an API key and delete the existing one before the new API key has propagated, then an application can fail. To help prevent this, follow the key rotation procedure in Rotate API keys regularly.