Skip to content

API key creation: long names return opaque 500 #4798

Description

@fullheart

Summary

Creating an API key fails with a generic toast "Failed to generate API key" when the Name exceeds better-auth’s allowed length. The UI does not show a max length.

Steps to reproduce

  1. Settings → Profile → API/CLI Keys → Generate New Key
  2. Use a long name (~30+ characters)
  3. Prefix empty, rate limiting off → Generate

Actual

POST /api/trpc/user.createApiKey500 with message:

The name length is either too large or too small.

Wrapped as INTERNAL_SERVER_ERROR (generic toast).

Expected

  • Validate name length in UI/Zod against the library limit
  • Clear validation error instead of 500
  • Show max length on the Name field

Workaround

Use a short name.

Notes

Server input currently looks like z.string().min(1) only; better-auth enforces a stricter length. Related but different: #4024 / #4026.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions