Sort:  

That's great that it is supposed to be that way. The symptom is that I am told that the "token has invalid role try a different key or try again later". Now, it seems to be an error message that comes deep within some backend because I was not able to find this string in src/common/i18n/locales/en-US.json. Even the phrase "try a different key" is not in there.

Using the same string I was able to upvote this post:
https://www.steemfiles.com/hive-150329/@abrahan414/trading-anonimo-para-argentinos-sin-kyc

Perhaps, account doesn't have ecency.app in posting authority, that might be cause, if I remember correctly, authority is needed to handle scheduling content and some point related operations. But I think you should be able to use app even without that authority.

I was wrong. The login with posting key fails in the android app but not in the web facing front end. The front end works in both Chrome on android and Brave desktop.

Interesting, it shouldn't fail on mobile app. We will take a look. Creating github issue for tracking.

For reference and keep tracking, if you have any extra details, please add them here in comments of this bug report: https://github.com/ecency/ecency-mobile/issues/2573

At this site you can see which authorities people use on a given account: https://www.steemfiles.com/@leprechaun/permissions

So 'ecency.app' does have posting authority for 'leprechaun'. I don't really want to keep the active key on a device I carry around. And I think you agree that you should be able to do posting level operations options with Ecency with the posting key and I know I wont be able to do active level operations in the wallet section. I don't want anyone who has my phone to be able to do that.

I think this is the current reality of the situation: You need active keys to login to Ecency on mobile or desktop. The problem might require radical changes to the source code because of its reliance to Hive-Signer in the login process, unfortunately.

Hivesigner's role is to secure our private api via access token, so there should be simpler logical distinction, not radical changes to source code though. We can gradually improve that logic for sure. Please create issue to relevant source code, if you want to discuss further and easier to keep reference of issues and potential solution ideas on github. For mobile app side, issue created, referenced in earlier comment.