Duplicate KID
URI: https://docs.ankatech.co/errors/duplicate-kid
HTTP Status: 409 Conflict
When you see this
You tried to create, import, or register a key under a key identifier (kid) that already exists. Key identifiers must be unique within a tenant.
Common Causes
- Generating a new key with a
kidalready in use. - Importing a keystore whose alias maps to an existing
kid. - Re-running a provisioning script that creates the same
kidtwice.
Response Example
{
"type": "https://docs.ankatech.co/errors/duplicate-kid",
"title": "Duplicate KID",
"status": 409,
"detail": "A key with kid 'my-mlkem-key' already exists for this tenant.",
"instance": "/api/v3/keys",
"correlationId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": 1730000000
}
Content-Type: application/problem+json — the response follows RFC 7807 Problem Details.
How to Resolve
- Choose a different, unique
kidfor the new key. - If you intended to replace the key, use the rotation endpoint instead of creating a new one under the same
kid. - List existing keys (
GET /api/v3/keys) to confirm which identifiers are already taken, then re-submit.
For full schema definitions, examples, and interactive testing, see the Developer Hub Reference.