I’m running since years a matomo instance without problems and often updates it to latest version.
I’m currently running version 5.7.11 with MySQL 10.11.14
Everything is working fine excepted to create/delete an API token. If I want to delete one, it spins endlessly and if I force refresh I notice the token has disappeared of the list.
If I want to create one, it’s exactly the same excepted that after a while it timeouts with an error about no website found in database and token not created. If I force refresh, no token shows up too.
I have checked website logs but nothing shows up in errors logs
Any idea what to check to find out the issue or at least get a track ?
I noticed I have the same problem if I try to delete a matomo user, it just hangs but that time I have something in the logs:
matomo.mydomain.com [Tue Feb 10 09:10:23.055409 2026] [authz_core:error] [pid 1481042:tid 139984963090176] [client 2001:XXX:XX:XXX::XXX:XXX:0] AH01630: client denied by server configuration: /home/clients/XXXXXXXXXXX/sites/matomo.mydomain.com/config/global.ini.php
I have never modified the global.ini.php as it’s supposed not to be edited no ?
I resolved the API issue and discovered that it was caused by an incorrect SMTP server configuration.
Apparently, if the SMTP settings are misconfigured, the API creation process gets interrupted. The code handling this flow is not implemented properly: the API is actually created (it appears in the system), but the page displaying the API key is never shown because the confirmation email step fails.
After fixing the SMTP credentials, everything worked correctly.
I hope this insight can be helpful for you as well.
Hey, I’ve seen something kinda similar with Matomo before, so I can imagine how annoying this is
What you’re describing (API token create/delete just hanging + weird “no website found” error) usually feels less like a UI bug and more like some permission / DB consistency issue in the backend. Especially since user deletion is also hanging for you.
I faced something similar once after a partial upgrade — everything “looked fine” but internally a couple of tables had mismatch or missing permissions mapping. Not sure if it helps, but in my case it wasn’t obvious from logs either.
What worked for me:
First thing I did was check DB user permissions + Matomo tables consistency (especially user, access, site)
Then I cleared cache manually from tmp/ folder because UI actions were stuck in loop state
Also found that some Apache config restrictions were blocking access to config paths (your authz_core:error kind of looks related to that)
Maybe check if your server config recently changed or any security module got stricter.
Will try it as soon as I have fixed the problem with my Matomo instance !