Create a JWT key collection

A collection is a namespace that indicates a particular set of public keys. Typically, you need to refer to a key collection in the IoT JSON web token (JWT) verification behaviors to indicate the public keys that you want to use to check the integrity of clients' JWT signatures. A new key collection doesn't include public keys and isn't active in the staging or production environments.

Before you begin

Complete this step if you want to use JWTs as an authentication method.

How to

  1. Go to > IOT SOLUTIONS > Token access control.
  2. Click New collection on the JWT Key Collections page.
  3. In the Create new collection window, enter a unique name for the key collection and click Create.
    The empty collection appears in the list of all key collections.
  4. Click Manage next to an appropriate key collection.
  5. In the <key collection name> window:
    • If you're uploading public keys to an empty key collection, click Upload your first keys.
    • If you're uploading public keys to a collection version, click New version.
    You can generate a pair of new keys externally. For Mac and Linux, see Generate RSA keys .
  6. On the New Version page:
    1. In Description, enter a meaningful description of the key collection version.
    2. In Primary Key, upload the primary RSA public key for the JWT signature verification.
    3. Optional: In Backup Key, upload the backup RSA public key that you want to use in case the primary key fails to verify the JWT signature.
    4. Click Create.
  7. Activate the JWT key collection:
    1. In JWT Control Access, click Manage next to the appropriate key collection name.
    2. On the Key collection name page, click the version that you want to activate.
      The system numbers key collection versions in ascending order with the highest number indicating the latest version.
    3. On the Version page, click Activate on production.
      The activation process may take up to 30 minutes.
      Tip: You can track the activation's progress in the collections details view.

What you should see

The collection version appears in the list of all collection's versions. The system assigns the highest number to the new collection version.