Error message

API Key is wrong or user disabled

Last updated 12 July 2026

API Key is wrong or user disabled

In short

This is about your AutoTrader Web API key — the personal key that lets your own code or tools call the AutoTrader Web APIs. It is not your stock broker's API key. The error means AutoTrader Web could not authenticate you, because the AutoTrader Web API key used is wrong, or your user has been disabled (usually after an API limits breach). When you call these APIs from your own code (Python, Java, C#, the REST API, or another tool), a wrong or missing key comes back as HTTP 401 (Unauthorized) — this is not a licence or broker problem, and a recharge or an active account does not fix it; copy the correct key from Settings -> Security and use that exact key in your code. To fix it: log out and log back in if you just regenerated the key, set the correct key from Settings -> Security, or contact support if your user was disabled. If instead your broker (for example Flattrade) says the API key or secret is not valid while you add or validate a broker account, that is a different key — see Login failed: invalid username or password and follow your broker's setup guide.

When this happens

  1. 1 The AutoTrader Web API key used by the user is wrong.
  2. 2 The user has been disabled by AutoTrader Web, usually after an API limits breach.

Which API key is this?

This article is about the AutoTrader Web API key — your personal key for calling the AutoTrader Web APIs from your own code or tools. It is not the API key you get from your stock broker.

  • If your broker (for example Flattrade) says the API Key or Secret is not valid when you add or validate a broker account, that is your broker’s key, not this one. See Login failed: invalid username or password, then follow your broker’s setup guide to regenerate and re-copy the key and secret.
  • If you are dealing with the AutoTrader Web API key described below, continue here.

What is the AutoTrader Web API key?

The API key of AutoTrader Web is a unique secret key given to the user. AutoTrader Web APIs use it for authentication.

Users can call the AutoTrader Web APIs directly through various tools or libraries. The same key is also used by AutoTrader Web’s PMS web application.

Using the API from your own code (HTTP 401 Unauthorized)

If you call the AutoTrader Web APIs from your own code — Python, Java, C#, the REST API or another tool — a wrong or missing API key comes back as HTTP 401 (Unauthorized). The request reached AutoTrader Web, but the API key in your code did not match.

This is not a licence problem and not a broker problem. A recharge, an active account, or the account showing margin does not change it — the 401 is only about the API key.

To fix it:

  1. Open Settings -> Security and copy your exact API key.
  2. Paste that same key into your code, where it sets the API key.
  3. Run your code again.

If it still fails with the correct key, your user may have been disabled after an API limits breach — contact support to get it enabled again.

Solution

Pick the fix that matches your situation.

CauseWhat to do
User regenerated the API keyLog out from the application, then log back in.
Incorrect API keyGo to Settings -> Security, view the key, and enter the correct key in your app or code.
User was disabled (usually after an API limits breach by the user’s algo or code)Contact support to get the user enabled again.
Did this solve your problem?
Contact support