Direct answer
Invalid-key errors mean the request is not reaching CorvusLLM with the active customer key in the auth field that the endpoint expects. Recopy the active key from the dashboard, send it as a Bearer token for OpenAI-compatible clients, and test with /v1/models before editing the rest of your app.
Private order, key, and balance details belong in the customer portal or support. Public docs can explain the diagnostic path, not reveal account-specific state.
Error phrases this guide covers
Search tools, logs, and support tickets do not always use the same wording. Treat these phrases as the same troubleshooting family before changing unrelated settings.
Fast check before changing everything
Run the smallest check that isolates the failing layer. If the small request works, the problem is usually the client configuration, hidden context, permissions, or advanced feature path rather than the whole account.
curl https://base.corvusllm.com/v1/models \
-H "Authorization: Bearer YOUR_CORVUSLLM_KEY"Common causes
- The key was copied with a missing character, an extra space, or a line break from a password manager or chat app.
- The app is still reading an old environment variable from another shell, server process, or hosted secret store.
- The client sends the key in the wrong field, for example as a model parameter instead of an Authorization header.
- A team member rotated or replaced the key but the production app kept the older value.
Fix steps
- Copy the active CorvusLLM key again from the customer dashboard or delivery source you trust.
- For OpenAI-compatible requests, send Authorization: Bearer YOUR_CORVUSLLM_KEY.
- Restart the app, terminal, or worker process that reads the environment variable.
- If curl works but the app fails, inspect exactly which variable name or settings profile the app reads at runtime.
Verify before retrying production traffic
- Run /v1/models with the same key outside your app.
- Confirm the same key is not being mixed with an official provider base URL.
- Confirm hosted environments, CI, Docker containers, and local shells all use the same updated secret.
Use one small request first. Large retries can spend balance, hide the original cause, and create confusing logs.
Diagnostic decision tree
Work through these checks in order. The goal is to isolate the failing layer before editing unrelated settings or sending another expensive request.
| Check | Action | Pass result | Fail result |
|---|---|---|---|
| Minimal request | Run the smallest check from this page with the same key, endpoint shape, and one public model slug. | The account and basic route probably work; move to client settings, hidden context, tools, or retries. | Fix auth, base URL, balance, model slug, or current route health before testing advanced features. |
| Client final URL | Inspect the actual URL or provider profile the client sends, not only the visible settings field. | Continue with request body, model slug, payload size, and feature compatibility checks. | Correct host/base/full-endpoint confusion before changing keys or model families. |
| Balance movement | Compare dashboard balance before and after one tiny diagnostic request. | If charged and no answer arrives, collect the support packet before retrying large prompts. | If not charged, focus first on request rejection, wrong endpoint, auth, or client-side failure. |
| Feature isolation | Disable streaming, tools, images, file context, long history, and automation loops for one retry. | Re-enable one feature at a time until the failing layer is identified. | Keep the request small and do not use production retries as the diagnostic method. |
| Route health | Check Service Status and try a tiny prompt on one nearby public model row if your workflow allows it. | Use a documented fallback only if quality and cost are acceptable. | Wait, switch safely, or contact support with timestamps instead of hammering the failing route. |
Prevent it next time
Store the key in one secure environment variable per environment and document which app reads it. Never commit API keys, and avoid copying them through rich-text tools that can add invisible characters.
Minimum support packet
Collect these details before opening support. This avoids exposing secrets while giving enough context to match logs and reproduce the public failure path.
| Field | Why support needs it |
|---|---|
| Timestamp | Use UTC or include timezone so logs can be matched accurately. |
| Endpoint path | Include /v1, /anthropic, or the exact client route shape involved. |
| Public model slug | Send the customer-facing slug, not a private key, upstream account name, or hidden route. |
| Exact error text | Include the visible invalid API key message and any HTTP status shown by the client. |
| Minimal request result | State whether the tiny check on this page works with the same key. |
| Balance movement | State whether balance changed after the failed request or only after retries. |
| Client and feature flags | Name the tool, SDK, streaming setting, image input, tools, file context, or automation loop involved. |
When to contact support
Contact support when a minimal reproducible check still fails, when the dashboard history does not match what your client received, or when usage appears charged but no usable answer reached the client.
- Include timestamp, endpoint path, public model slug, exact error wording, and whether the same key works on a minimal request.
- Include whether the dashboard balance changed and whether the client retried in the background.
- Do not send secrets, full API keys, regulated data, or private production prompts in public support messages.
Open the support bot after collecting the reproducible details.
Related sources
Use these pages to verify the exact base URL, model slug, billing behavior, service status, or broader troubleshooting route before changing unrelated settings.