KEY_REVOKED — API key has been revoked
Summary
Section titled “Summary”The key was active at some point but was explicitly revoked — either through the dashboard, by an admin, or automatically after a security event.
HTTP status
Section titled “HTTP status”401 Unauthorized. Standard envelope.
Example response
Section titled “Example response”{ "success": false, "error": { "code": "KEY_REVOKED", "message": "This API key has been revoked.", "request_id": "req_01HXJZK4ABCDEF", "doc_url": "https://docs.surveycoder.io/errors/key-revoked" }}Why this happens
Section titled “Why this happens”- A team member revoked the key at surveycoder.io/api-keys.
- The key was rotated and the old value is still cached somewhere (CI, a teammate’s laptop, a deployment env).
- A security trigger revoked the key (e.g. it was detected in a public GitHub commit — yes, we scan).
How to fix it
Section titled “How to fix it”- Open surveycoder.io/api-keys and confirm the key shows as Revoked.
- Create a new key with the same scopes.
- Update every place the old key was stored — environment variables, secrets manager, CI/CD config.
- If you didn’t revoke it yourself, audit the Audit log in the dashboard to see who and when.
Related
Section titled “Related”KEY_EXPIRED— different cause, same recoveryUNAUTHORIZED