{
  "topic": "errors.TRUSTED_KEY_NOT_FOUND",
  "path": [
    "errors",
    "TRUSTED_KEY_NOT_FOUND"
  ],
  "title": "TRUSTED_KEY_NOT_FOUND — referenced trusted key does not exist",
  "synopsis": "Returned by trusted-key admin endpoints when the supplied KID does not match any registered key:",
  "body": "# errors.TRUSTED_KEY_NOT_FOUND\n\n## NAME\n\nTRUSTED_KEY_NOT_FOUND — an admin operation referenced a trusted-key KID that is not present in the registry.\n\n## SYNOPSIS\n\nHTTP: `404` `Not Found`. Retryable: `no`.\n\n## DESCRIPTION\n\nReturned by trusted-key admin endpoints when the supplied KID does not match any registered key:\n\n- `DELETE /oauth/keys/trusted/{keyId}` — the deletion target does not exist.\n- `POST /oauth/keys/trusted/{keyId}/invalidate` — the lifecycle target does not exist.\n- `POST /oauth/keys/trusted/{keyId}/reactivate` — the lifecycle target does not exist.\n\nThe detail field carries a generic `key not found` message; internal store phrasing (e.g. backend-specific KID echoes) is never leaked into the response body. Operators can correlate the request via the slog event emitted server-side at INFO level with `kid` and the underlying error.\n\nNot retryable. Verify the KID via `GET /oauth/keys/trusted` before retrying the operation.\n\n## SEE ALSO\n\n- errors\n- errors.UNAUTHORIZED\n- errors.FORBIDDEN\n",
  "sections": [
    {
      "name": "NAME",
      "body": "TRUSTED_KEY_NOT_FOUND — an admin operation referenced a trusted-key KID that is not present in the registry."
    },
    {
      "name": "SYNOPSIS",
      "body": "HTTP: `404` `Not Found`. Retryable: `no`."
    },
    {
      "name": "DESCRIPTION",
      "body": "Returned by trusted-key admin endpoints when the supplied KID does not match any registered key:\n\n- `DELETE /oauth/keys/trusted/{keyId}` — the deletion target does not exist.\n- `POST /oauth/keys/trusted/{keyId}/invalidate` — the lifecycle target does not exist.\n- `POST /oauth/keys/trusted/{keyId}/reactivate` — the lifecycle target does not exist.\n\nThe detail field carries a generic `key not found` message; internal store phrasing (e.g. backend-specific KID echoes) is never leaked into the response body. Operators can correlate the request via the slog event emitted server-side at INFO level with `kid` and the underlying error.\n\nNot retryable. Verify the KID via `GET /oauth/keys/trusted` before retrying the operation."
    },
    {
      "name": "SEE ALSO",
      "body": "- errors\n- errors.UNAUTHORIZED\n- errors.FORBIDDEN"
    }
  ],
  "see_also": [
    "errors",
    "errors.UNAUTHORIZED",
    "errors.FORBIDDEN"
  ],
  "stability": "stable",
  "actions": []
}