ConfigCat "SDK Key ... is invalid" in CI
ConfigCat validated the SDK Key and found it malformed or empty before fetching config. The key has a specific format, and an empty string, a truncated value, or a key that does not match your data governance region is rejected up front.
What this error means
ConfigCat logs "The SDK Key '...' is invalid" or "SDK Key is required" and the client returns default values for every setting evaluation.
ConfigCat - ERROR - [1] The SDK Key '' is invalid. For more information: ...
Returning default value.Common causes
The SDK Key is empty or truncated in CI
The secret was not injected or was cut off, so ConfigCat sees a value that does not match the expected key format.
The key does not match the configured data governance
A key issued for one data governance region used with a client configured for another is treated as invalid.
How to fix it
Inject the full SDK Key from a secret
- Copy the SDK Key from the ConfigCat dashboard for the target environment.
- Store it as a CI secret and pass the complete value to the client.
- Match the data governance setting to the key's region if you set one.
env:
CONFIGCAT_SDK_KEY: ${{ secrets.CONFIGCAT_SDK_KEY }}Configure data governance to match the key
If your product uses EU data governance, set it on the client so the key validates and config fetches from the right CDN.
client = configcatclient.get(
os.environ["CONFIGCAT_SDK_KEY"],
ConfigCatOptions(data_governance=DataGovernance.EU_ONLY),
)How to prevent it
- Keep the ConfigCat SDK Key in CI secrets, never committed.
- Verify the full key is injected, not a truncated value.
- Set data governance on the client to match the key region.