The Token Access Control API allows you to programmatically create, manage, and store collections of public keys. It lets you upload public keys into key collections, activate key collections in the staging environment before going live, and create key collection versions to enable frictionless public key rotation for property configurations.

Who should use this API

Akamai provides APIs for developers, DevOps, and operations personnel as an alternative to using Akamai Control Center. This API provides the same functions as the Token Access Control application in Control Center.

Use this API to automate management and rotation of public keys used by the IoT products to authenticate and authorize clients sending requests with JSON web tokens (JWT) to origin servers.

Typically, you need to refer to a key collection in the JWT behaviors of IoT properties to indicate the public keys that you want to use to check the integrity of JWT signatures in client requests.

You can also rotate public keys that your properties use. Independent of your property's life cycle, the Token Access Control API lets you add secondary public keys and create versions of property-referenced key collections and update public keys stored in them.