Skip to Content
Former Member
Jun 17, 2016 at 05:33 AM



Dear Experts,

I had a working scenario fetching ODATA service from backend and with couple of other policies added. This is on HCP Trial account.

I added the Verify API Key Policy and things stopped working.

My XML for the policy says >>

<!--Specify in the APIKey element where to look for the variable containing the api key-->

<VerifyAPIKey async='true' continueOnError='false' enabled='true'


<APIKey ref='request.header.APIKey'/>


And I am sending a HTTP Header called APIKey using postman / also from a Java program.

This fails with an error as below.


"fault": {

"faultstring": "Invalid ApiKey for given resource",

"detail": {

"errorcode": "oauth.v2.InvalidApiKeyForGivenResource"




the Application Key is the exact value copied from the Dev portal , I also tried regenerating and using the new value but the error still occurs. Did also change the name of the header both in policy and in the client(postman / java code) but that does not help either.

Any clues?