Stripe Connect Authentication failure - invalid_client: No such API key: Bearer

I'm working on Ruby on Rails with the OmniAuth-StripeConnect Gem, and every time I try to connect to the Stripe Connect API I get this failure in authentication, 'redirecting' me to the failure method of the Omniauth callback controller :

E, [2018-05-28T13:41:50.435158 #58778] ERROR -- omniauth (stripe_connect) Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: No such API key: Bearer
{
  "error": "invalid_client",
  "error_description": "No such API key: Bearer"
}

I found in the doc that an error of invalid_client meant either one of these : https://stripe.com/docs/connect/oauth-reference#post-deauthorize-error-codes

  • client_id does not belong to you
  • stripe_user_id does not exist or is not connect to your application
  • API key mode (live or test mode) does not match the client_id mode

But i doubled checked and it's none of these.

Does anyone has an idea ?

Old question, I know but I came across this error today, too and it may help others in future. The owner of the repo/gem said that he wasn't "really supporting" it anymore, anyway. This answer assumes you're trying to get a user to create their account on Stripe and pass an auth token back to your controller.

I decided to skip using the gem altogether. After 'undoing' the installation instructions, I found that keeping the stripe_connect method under the OmniauthCallbacksController still worked as you'd expect - you just don't get the error described as above.

According to the Stripe Connect docs (https://stripe.com/docs/connect/standard-accounts#redirected), if you don't receive an error code, then the request was successful. You should receive an authorization code inside the response which can be used to access that user's Stripe account via their API. You'll only have five minutes to use that token before it expires. I imagine you'll need to start the whole process over again if you miss it.

Hope this helps.

Authentication failure, Every time I try to connect to the Stripe Connect API I get this failure in authentication, 'redirecting' me to the failure method of the Omniauth  api_key_expired. The API key provided has expired. Obtain your current API keys from the Dashboard and update your integration to use them. authentication_required. The payment requires authentication to proceed. If your customer is off session, notify your customer to return to your application and complete the payment.

I think you are testing with live card with test API Keys?

Uploaded Stripe app to Heroku now i get error omniauth , Uploaded Stripe app to Heroku now i get error omniauth: (stripe_connect) Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: No such API key: Bearer #37 ERROR -- omniauth: (stripe_connect) Authentication failure! https://stripe.com/docs/connect/reference#post-deauthorize-error-  Stripe Connect Authentication failure - invalid_client: No such API key: Bearer 0 What is the proper function from the java Stripe api to call to complete express account connection?

For others who may find this, when I was facing this issue, it was because I did not properly set up the omniauth initializer to include the required stripe keys:

I had set up this file:

# config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_CLIENT_SECRET']
end

But forgot to put the keys into my .env file.

Make sure you set up your environment with the proper keys.

Connect OAuth reference, Prefilling has no effect if your user already has an existing Stripe account. use the stripe_landing parameter, with a value of login, to have Stripe show a or another publicly available profile for the business, such as a LinkedIn or This call should be made using your secret API key as a client_secret POST parameter:. a class Source if one could be found based on the input params, or null if no such Source could be found. Throws: AuthenticationException - failure to properly authenticate yourself (check your key) InvalidRequestException - your request has invalid parameters APIConnectionException - failure to connect to Stripe's API

Making API calls for connected accounts, Server-side with the Stripe-Account header and the connected account ID, per Server-side with the connected account API keys (legacy, not recommended) Server-side API calls should include the platform account secret key and pass a All of Stripe's libraries support this style of authentication on a per-request basis:. Using Connect with Standard accounts. Integrating with Standard accounts is the fastest and easiest way to get started using Connect, since you'll be offloading the majority of the user experience and user communication to Stripe.

Authentication, Provide your API key as the basic auth username value. You do not need to provide a password. If you need to authenticate via bearer auth (e.g., for a cross-​origin  invalid_client Client authentication failed. For example, when the client includes client_id and client_secret in the authorization header, but there's no such client with that client_id and client_secret .

Authentication - Node, Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth. API requests without authentication will also fail. It is important to know that every certificate comprises of a public key (used for encryption) and a private key (used for decryption). The private key is known only to the server. The default port for https is 443. I am under the assumption the reader is well-versed in SSL Handshake and the Server Authentication process during the SSL handshake.

Comments
  • What do you mean that you skipped the gem all together? Did you write your own omniauth strategy?