# KEY_OWNED_BY_DIFFERENT_TENANT — trusted-key collision with another tenant

Trusted keys are tenant-scoped. When `POST /oauth/keys/trusted` is called with a `keyId` that already belongs to a different tenant, the request is reject…

<em>cyoda-go version <a href="https://github.com/Cyoda/cyoda-go/releases/tag/v0.8.1">0.8.1</a></em>

# errors.KEY_OWNED_BY_DIFFERENT_TENANT

## NAME

KEY_OWNED_BY_DIFFERENT_TENANT — the requested `keyId` is already registered by another tenant.

## SYNOPSIS

HTTP: `409` `Conflict`. Retryable: `no`.

## DESCRIPTION

Trusted keys are tenant-scoped. When `POST /oauth/keys/trusted` is called with a `keyId` that already belongs to a different tenant, the request is rejected with `409`. Pick a fresh `keyId` (the caller cannot see or affect the other tenant's keys).

## SEE ALSO

- errors
- errors.TRUSTED_KEY_NOT_FOUND

## See also

- [`cyoda help errors`](/help/errors/) — Every error response from the Cyoda REST API carries a structured `errorCode` in the `properties` object. Multiple codes may share the same HTTP status. Programmatic handling keys on `errorCode`, not HTTP status.
- [`cyoda help errors TRUSTED_KEY_NOT_FOUND`](/help/errors/trusted_key_not_found/) — Returned by trusted-key admin endpoints when the supplied KID does not match any registered key:

## Raw formats

- [`/help/errors/key_owned_by_different_tenant.json`](/help/errors/key_owned_by_different_tenant.json) — full descriptor (matches `GET /help/{topic}` envelope)
- [`/help/errors/key_owned_by_different_tenant.md`](/help/errors/key_owned_by_different_tenant.md) — body only