API02006: API Key Invalid
What This Means
The WooCommerce REST API key being used is invalid. API keys are used for server-to-server authentication, and the key provided doesn't match any valid key in WooCommerce.
Common Causes
- Key deleted — The API key was removed from WooCommerce
- Key typo — The key was entered incorrectly
- Wrong key pair — Consumer key and secret don't match
- Key from different site — Using keys generated for another installation
How to Fix
1. Verify the API Key
In WordPress Admin → WooCommerce → Settings → Advanced → REST API:
- Check if your API key exists
- Verify it hasn't been revoked
- Note the permissions (read/write/read-write)
2. Generate New API Keys
If the key is missing or invalid:
- Go to WooCommerce → Settings → Advanced → REST API
- Click "Add key"
- Enter a description (e.g., "WCPOS")
- Select the user
- Choose "Read/Write" permissions
- Click "Generate API key"
- Copy both the Consumer Key and Consumer Secret (shown only once!)
3. Update POS Configuration
Enter the new API keys in the POS:
- Consumer Key (starts with
ck_) - Consumer Secret (starts with
cs_)
4. Check Key Permissions
Ensure the key has sufficient permissions:
- Read — View data only
- Write — Modify data only
- Read/Write — Full access (recommended for POS)