❌ Error creating apiKey/secretKey for relayer using relayerClient

:computer: Environment

  • Windows
  • Node v16.14.2
  • defender-autotask-client - 1.34.0
  • defender-relay-client - 1.34.0


When executing

let relayerApiKey = await relayClient.createKey(relayerId);

I get the next error

� Error creating relayer secret key
DefenderApiResponseError: Request failed with status code 500
    at rejectWithDefenderApiError (C:\blockchain\reinvestor\node_modules\defender-base-client\lib\api\api.js:11:27)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at async C:\blockchain\reinvestor\node_modules\defender-relay-client\lib\api\index.js:56:20
    at async RelayClient.apiCall (C:\blockchain\reinvestor\node_modules\defender-base-client\lib\api\client.js:25:20)
    at async createReinvestorRelayer (C:\blockchain\reinvestor\services\strategies\reinvestor\autotask.js:152:27)
    at async Object.exports.handler (C:\blockchain\reinvestor\services\strategies\reinvestor\index.js:66:19) {
  request: {
    path: '/relayer/relayers/2c4ff3d3-57fb-42bf-aadc-3395dddda7a4/keys',
    method: 'POST'
  response: {
    status: 500,
    statusText: 'Internal Server Error',
    data: {
      message: 'User: arn:aws:sts::665768922667:assumed-role/defender-api-api-relayer-key-management-role/defender-api-api-relayer-api-key-create is not authorized to perform: cognito-idp:AdminCreateUser on resource: arn:aws:cognito-idp:us-west-2:665768922667:userpool/us-west-2_iLmIggsiy because no identity-based policy allows the cognito-idp:AdminCreateUser action'

:1234: Code to reproduce

When I try to get the credentials for first time I get an [] empty array:

  const relayClient = new RelayClient(credentials);
  const relayerCrendetials = await relayClient.listKeys(relayerId);
  let relayerCredentialsResponse = relayerCrendetials.find(
    (relayer) => relayer.relayerId === relayerId

However, the second time. I get an output but without the secret key:

  apiKey: '****************',
  createdAt: '****************',
  relayerId: '****************',
  keyId: '****************'

And in the UI I can see that the relayer was created:

It's like as if the apiKey is correctly created but when doing the creation of the secretKey from the client library something wrong happens in the repository.

I realised that once this error occurs, not even from the UI you can create successfully a secretKey. You can create an apiKey but the secretKey is simply not associated.

Thanks in advance for your help.

Best regards,
Pedro Reyes.

Hi Pedro

Thanks for reporting!

Issue has been identified based on your detailed report and fix has been created.
Fix should be included in our next release(this week). I will notify you when it is out.

Regarding secretKey, we are not returning secret key in list endpoint as a security measure. It is visible only once, on create.


Hello @zeljko ,

Thank you. I will keep an eye on this post.

Best regards,
Pedro Reyes

Hi @Pedro_Reyes

Fix has been deployed.
Feel free to try it out and reach to us if anything else.


Hello @zeljko ,

Updated to the newer version. Everything right :v:

Best regards,
Pedro Reyes.