New API keys are accepted randomly

A firend of me wanted to use some 3rd party tools which use the GW2 API. His key was not accepted from those tools when he used them, but I could use his key with those tools.I have send a request to the tokeninfo endpoint with postman, but the response told me the key is invalid. Another friend had no problems with that same key, so it seems there is some random behavior when accepting newly generated api keys.Btw. my old key is accepted always.