OpenAI API Key Invalid or Revoked — Fix It Fast
The 'invalid API key' error occurs when OpenAI's API cannot authenticate your request due to a missing, revoked, expired, or incorrectly formatted key. This error is commonly seen by developers integrating the OpenAI API into applications or scripts. Resolving it typically takes just a few minutes by verifying or regenerating your credentials.
Why does this error happen?
How to fix it
Generate a New API Key
Log in to platform.openai.com and navigate to the API Keys section under your account settings. Click 'Create new secret key', give it a recognizable name, and copy it immediately — OpenAI will not display the full key again after this step.
Remove Leading and Trailing Spaces
When pasting an API key into a .env file or configuration panel, invisible whitespace characters can be accidentally included. Open your environment file and ensure the key value starts directly with 'sk-' and has no spaces or newline characters before or after it.
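An added example, not part of the original page or OpenAI's SDK: a small Node.js check for the paste problems described above that reports why a key value is malformed without ever printing the key. The function names, problem codes and sample values are constructed for illustration.

```javascript
// Added example: explain why a key value would be rejected, using short
// codes only so the secret itself never reaches logs or terminals.

// Zero-width characters that JavaScript's \s and trim() do NOT cover.
const ZERO_WIDTH = /[\u200B-\u200D\u2060]/g;

function diagnoseKey(raw) {
  if (raw === undefined || raw === null || raw === '') return ['missing'];
  const problems = [];

  // Spaces, tabs, \n, \r (CRLF .env files), NBSP and BOM at either end.
  let value = raw.trim();
  if (value !== raw) problems.push('edge-whitespace');

  // Some env-file loaders keep surrounding quotes as part of the value.
  if (/^(["']).*\1$/.test(value)) {
    problems.push('quoted');
    value = value.slice(1, -1);
  }

  // Invisible characters picked up from chat tools, PDFs or web pages.
  const stripped = value.replace(ZERO_WIDTH, '');
  if (stripped !== value) problems.push('zero-width-char');
  if (/\s/.test(value)) problems.push('inner-whitespace');

  // The page states that the value must start directly with 'sk-'.
  if (!stripped.trim().startsWith('sk-')) problems.push('bad-prefix');
  return problems;
}

// Safe-to-log fingerprint: prefix, last four characters and length.
function maskKey(raw) {
  const v = String(raw ?? '').trim();
  if (v.length < 12) return '[redacted]';
  return `${v.slice(0, 3)}...${v.slice(-4)} (${v.length} chars)`;
}

// Constructed sample values; none of these is a real key.
const SAMPLES = {
  clean: 'sk-EXAMPLEEXAMPLEEXAMPLE0001',
  crlf: 'sk-EXAMPLEEXAMPLEEXAMPLE0001\r\n',
  quoted: '"sk-EXAMPLEEXAMPLEEXAMPLE0001"',
  zeroWidth: '\u200Bsk-EXAMPLEEXAMPLEEXAMPLE0001',
};
for (const [name, v] of Object.entries(SAMPLES)) {
  console.log(name, maskKey(v), diagnoseKey(v));
}
// The value your process actually sees:
console.log('OPENAI_API_KEY', diagnoseKey(process.env.OPENAI_API_KEY));
```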
Verify Your Organization ID
If your account belongs to multiple OpenAI organizations, requests must include the correct Organization ID in the 'OpenAI-Organization' header. Find your Organization ID at platform.openai.com/account/org-settings and confirm it matches what is set in your application configuration.
Confirm Active Billing on Your Account
Navigate to platform.openai.com/account/billing and confirm that a valid payment method is on file and your usage limits have not been exceeded. Accounts with failed payments or exhausted free-tier credits may have API access suspended, which invalidates otherwise correct keys.
Code example
// Correct way to pass API key using the official Node.js SDK
// Store your key in an environment variable — never hardcode it
const OpenAI = require('openai');

const openai = new OpenAI({
  apiKey: process.env.OPENAI_API_KEY, // e.g. sk-...
  // organization: process.env.OPENAI_ORG_ID, // optional, if using multiple orgs
});

async function main() {
  const response = await openai.chat.completions.create({
    model: 'gpt-4o',
    messages: [{ role: 'user', content: 'Hello!' }],
  });
  console.log(response.choices[0].message.content);
}

main();
Pro tip
Store your API key exclusively in environment variables or a secrets manager such as AWS Secrets Manager or HashiCorp Vault — never commit it to source control. Rotate your keys every 90 days and set up usage alerts in the OpenAI dashboard to catch unauthorized use before it leads to revocation.