# API02006: API Key Invalid

## What This Means[​](#what-this-means "Direct link to What This Means")

The WooCommerce REST API key being used is invalid. API keys are used for server-to-server authentication, and the key provided doesn't match any valid key in WooCommerce.

## Common Causes[​](#common-causes "Direct link to Common Causes")

* **Key deleted** — The API key was removed from WooCommerce
* **Key typo** — The key was entered incorrectly
* **Wrong key pair** — Consumer key and secret don't match
* **Key from different site** — Using keys generated for another installation

## How to Fix[​](#how-to-fix "Direct link to How to Fix")

### 1. Verify the API Key[​](#1-verify-the-api-key "Direct link to 1. Verify the API Key")

In WordPress Admin → WooCommerce → Settings → Advanced → REST API:

1. Check if your API key exists
2. Verify it hasn't been revoked
3. Note the permissions (read/write/read-write)

### 2. Generate New API Keys[​](#2-generate-new-api-keys "Direct link to 2. Generate New API Keys")

If the key is missing or invalid:

1. Go to WooCommerce → Settings → Advanced → REST API
2. Click "Add key"
3. Enter a description (e.g., "WCPOS")
4. Select the user
5. Choose "Read/Write" permissions
6. Click "Generate API key"
7. **Copy both the Consumer Key and Consumer Secret** (shown only once!)

### 3. Update POS Configuration[​](#3-update-pos-configuration "Direct link to 3. Update POS Configuration")

Enter the new API keys in the POS:

* Consumer Key (starts with `ck_`)
* Consumer Secret (starts with `cs_`)

### 4. Check Key Permissions[​](#4-check-key-permissions "Direct link to 4. Check Key Permissions")

Ensure the key has sufficient permissions:

* **Read** — View data only
* **Write** — Modify data only
* **Read/Write** — Full access (recommended for POS)

## Related Errors[​](#related-errors "Direct link to Related Errors")

* [API02001](/error-codes/API02001.md) — Invalid Credentials
* [API05001](/error-codes/API05001.md) — WooCommerce API Disabled