Stormpath Integration, ExpressJS 'Stormpath 401Authentication with Vaild API Key is required'
I'm the author of the library. You have two problems here:
You only need to set your API keys in one way (by environment variables, by api key file, or by manual insertion into the code). You're doing it in two ways right now (apiKeyFile and environment variables).
Your API keys are invalid.
What's happening is that the library is pulling in your api keys from the environment variables first, and those keys are currently invalid.
To test this further, try doing this:
app.use(stormpath.init(app, { apiKeyFile: '/path/to/apiKey.properties'}));And remove any environment variables you've previously set.
If you're still getting the errors, then you still have the wrong API keys (maybe you removed the ones you're using) -- so go visit the Stormpath dashboard and create a new api key pair.
I recently had a similar experience using the Stormpath Express SDK. It turned out that my problem was using a seemingly valid API key that was not associated with an Account object that had access to the Stormpath application in question.
So basically, the API key id/secret I was using didn't belong to an account that lived in the Stormpath Administrators Directory.
Once I swapped out my API key id/secret for a pair attached to an Account that had access to the Stormpath application, it all started working.
I ran into the same/similar scenario. My issue was that my account had not been verified (email verification), so even though I was using the correct variables (STORMPATH_APPLICATION_HREF, STORMPATH_CLIENT_APIKEY_SECRET, STORMPATH_CLIENT_APIKEY_ID), it still didn't work.
So, make sure you have an Application created. The default is 'Stormpath', but you can (and probably should) create a new Application that depicts your app. Once you have your Application created you will need to create an Account that is associated with the previously create Application. When you create your account, make sure you use a valid email, and verify the email that was sent by stormpath (i.e. you should be able to log into stormpath with the newly created account). Once you have the Account created and associated with the Application, you need to generate your Account API key pair, which will give you the Secret and the ID. Then, the only other Environment variable you will need is the application endpoint value, which is the HREF value in the Application Details view.
I hope this helps! Happy coding.