Mailgun secret API key rejected


#1

Hi everyone,

I tried to set up Mailgun bounce handling today and therefore wanted to configure the secret Mailgun API key. But I can’t save the key and only get this error message:

Value doesn’t match the required format.

Have they changed their format maybe? My key is “key-” followed by 32 lower-case alpha-numeric characters.


(Arpit Jalan) #2

The regex looks fine to me:

And I can’t repro the issue locally using a random key like: key-a64b3021781d9467b6c7e9da7741fed0


#3

The RegEx matches hex values, but my Mailgun key looks more like

^key-[a-z0-9]{32}$

Haven’t tested this regex, just off the top of my head :wink:


#4

Correction: Just saw that my API key even includes dashes (-).


(Jay Pfaffman) #5

Strange. I just opened a ticket on Mailgun asking if the API key format has changed.

Edit: And I heard back from them. It’s still the same. @lunikon, my best guess is that you’re using an SMTP password rather than an API key. You can look at my install FAQ for how to find the API key.


#6

I am definitely using an API key, from the exact location described in your install FAQ. I guess I’ll have to contact Mailgun myself and figure out what went wrong there. Maybe there was a bug on their side when my set of keys was generated.


(Sam Saffron) #9

I am unable to repro with an actual key from mailgun, feel free to PM me your key if you want me to test it.


(Michael Scott Shappe) #10

I am also seeing this issue on a new install.

ETA: 1.9.0.beta6


(Jay Pfaffman) #11

And you’re sure that you’re using an API key and not a password?


(Michael Scott Shappe) #12

Very very quite certain :slight_smile:


(Ville S) #13

I’m having the same problem with v2.0.0.beta3. My Mailgun API key also has dashes in it, I assume the regex just doesn’t match. (And yes, I’m definitely using the correct secret key, not a password.)


(Jay Pfaffman) #14

Nene generate another key?


#15

So apparently this problem does exist for several people over a longer time-span. Wouldn’t it be easier to just make the regex in Discourse less restrictive? The worst that could happen is that someone enters a wrong key, resulting in an error message somewhere. But that could already happen today (with an expired key for example).


(Cameron:D) #16

I had this problem.
I think older API keys are 32 alpha-numeric, and newer ones are 32 hex characters, and the regex only allows hex. I don’t use the API anywhere else, so I just re-generated my API key so I had a new hex-only one.


(Jay Pfaffman) #17

I’ve noticed that the keys I’ve seen lately no longer start with “key=”