Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

ahmdsaza's avatar

Problem with: "Invalid key supplied", exception: "LogicException" (Laravel v10.26.2)

I had a problem, when I deploy my project into Heroku I try to register but this error comes out I try all solving I search for but doesn't help me, I use php artisan:migrate, php artisan passport:keys and php artisan passport:install --force, but no one help :(

{message: "Invalid key supplied", exception: "LogicException",…}
exception: "LogicException"
file: "/app/vendor/league/oauth2-server/src/CryptKey.php"
line: 67
message: "Invalid key supplied"

public function __construct($keyPath, $passPhrase = null, $keyPermissionsCheck = true)
    {
        $this->passPhrase = $passPhrase;

        if (\strpos($keyPath, self::FILE_PREFIX) !== 0 && $this->isValidKey($keyPath, $this->passPhrase ?? '')) {
            $this->keyContents = $keyPath;
            $this->keyPath = '';
            // There's no file, so no need for permission check.
            $keyPermissionsCheck = false;
        } elseif (\is_file($keyPath)) {
            if (\strpos($keyPath, self::FILE_PREFIX) !== 0) {
                $keyPath = self::FILE_PREFIX . $keyPath;
            }

            if (!\is_readable($keyPath)) {
                throw new LogicException(\sprintf('Key path "%s" does not exist or is not readable', $keyPath));
            }
            $this->keyContents = \file_get_contents($keyPath);
            $this->keyPath = $keyPath;
            if (!$this->isValidKey($this->keyContents, $this->passPhrase ?? '')) {
                throw new LogicException('Unable to read key from file ' . $keyPath);
            }
        } else { // ***** line 67 *****
            throw new LogicException('Invalid key supplied');
        }

        if ($keyPermissionsCheck === true) {
            // Verify the permissions of the key
            $keyPathPerms = \decoct(\fileperms($this->keyPath) & 0777);
            if (\in_array($keyPathPerms, ['400', '440', '600', '640', '660'], true) === false) {
                \trigger_error(
                    \sprintf(
                        'Key file "%s" permissions are not correct, recommend changing to 600 or 660 instead of %s',
                        $this->keyPath,
                        $keyPathPerms
                    ),
                    E_USER_NOTICE
                );
            }
        }
    }

I want to find what's is the problem because I try to solve it for a week

0 likes
11 replies
DhPandya's avatar

@ahmdsaza Please verify if you have specified the APP_KEY to the Heroku credentials(Basically where you have defined all your env variables).

1 like
ahmdsaza's avatar

@DhPandya Yes I do, php artisan key:generate --show I copy the key and past it in Heroku

martinbean's avatar

I had a problem, when I deploy my project into Heroku I try to register but this error comes out I try all solving I search for but doesn't help me, I use php artisan:migrate, php artisan passport:keys and php artisan passport:install --force, but no one help :(

@ahmdsaza You need to set those things as config vars in your Heroku app.

Heroku does not have a persistent filesystem, so any commands you run like passport:keys will generate the keys in that dyno for that particular run, but will then be lost and not available when your app is served by different dynos for subsequent requests. As an aside, if you’re uploading files then you need to make sure you’re uploading them to somewhere like S3 for the same reason. If you try and use either the local or public disks won’t be retained.

So, set a config var for APP_KEY. You then need to do the same for your Passport keys; you need to set them as config vars too as per the docs here: https://laravel.com/docs/passport#loading-keys-from-the-environment

samrat01's avatar

@ahmdsaza did you solve this issues. i tried every possible ideas from here and stackoverflow. but still could not get through "message": "Invalid key supplied", "exception": "LogicException", "file": "/****/oauth2-server/src/CryptKey.php", "line": 67,

ahmdsaza's avatar

@samrat01 Still I don't find answer, if you find a solution please tell me about it.

samrat01's avatar

@ahmdsaza hey i did found a blog "https://www.devgem.io/posts/resolving-the-invalid-key-supplied-error-in-laravel-a-step-by-step-guide" note : if you already have done same thing asked in blog use this command to make client access. "php artisan passport:client --personal" you might need to change your migration file .
not sure if its due to laravel 11. or bugs in passport package. i cound not pass the error, so i switched to Sanctum.

ahmdsaza's avatar

@samrat01 finally I find the solution add this in .env

PASSPORT_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
<private key here>
-----END RSA PRIVATE KEY-----"
 
PASSPORT_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----
<public key here>
-----END PUBLIC KEY-----"

just write your key to be like this

3 likes
ranggasatriaa's avatar

@Zier0Code @ahmdsaza this works for me. "Invalid key supplied" the error is solve, but new error popup "Personal access client not found". You can solve this by using:

php artisan passport:client --personal

Please or to participate in this conversation.