This section presents the steps that you need to follow to create a key collection, start using public keys to verify JWT signatures in client requests, and update the key collection used by your property.
Suppose a company issues JWTs to identify clients and authorize them to access specific topics. The company needs to provide a key collection with a public key in the property's JWT behavior to make sure that the JWTs in client requests are properly validated. Here are the steps to do that:
- Create a key collection.
- Create a key collection version and set the primaryKey object member.
- Optionally, activate the key collection version on staging.
- Activate the key collection version on production.
If, for security reasons, the company decides to rotate the public key used by the property, it can do so by updating the key collection referenced in the JWT behavior. Here are the steps to do that:
- Create a key collection version and set the secondaryKey object member.
- Optionally, activate the key collection version on staging.
- Activate the key collection version on production.
- Create a key collection version where you replace the primaryKey value with the secondaryKey value.
- Optionally, activate the key collection version on staging.
- Activate the key collection version on production.
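The following added example (not part of the product or its API) models the three key collection versions from the rotation steps above and shows which tokens verify at each stage. It assumes that a JWT is accepted when its RS256 signature verifies against either primaryKey or secondaryKey; the names signJwt, verifyJwt and versions, and the generated keys, are constructed for illustration.

```javascript
// Added example: only primaryKey/secondaryKey come from the page; other names and keys are constructed.
const crypto = require("crypto");
const b64url = (data) => Buffer.from(data).toString("base64url");

// Issuer side: sign a compact RS256 JWT with a private key.
function signJwt(claims, privateKey) {
  const input = `${b64url(JSON.stringify({ alg: "RS256", typ: "JWT" }))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${b64url(crypto.sign("sha256", Buffer.from(input), privateKey))}`;
}

// Verifier side (assumed behavior): try primaryKey, then secondaryKey.
// Returns the member that verified the signature, or null to reject.
function verifyJwt(token, keyCollection) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  let alg;
  try { alg = JSON.parse(Buffer.from(parts[0], "base64url")).alg; } catch { return null; }
  if (alg !== "RS256") return null; // pin the algorithm instead of trusting the header
  const input = Buffer.from(`${parts[0]}.${parts[1]}`);
  const sig = Buffer.from(parts[2], "base64url");
  for (const member of ["primaryKey", "secondaryKey"]) {
    const pem = keyCollection[member];
    if (pem && crypto.verify("sha256", input, pem, sig)) return member;
  }
  return null;
}

// Constructed sample keys: the key pair in use today and its replacement.
const opts = {
  modulusLength: 2048,
  publicKeyEncoding: { type: "spki", format: "pem" },
  privateKeyEncoding: { type: "pkcs8", format: "pem" },
};
const oldKey = crypto.generateKeyPairSync("rsa", opts);
const newKey = crypto.generateKeyPairSync("rsa", opts);

// Key collection versions in the order the procedure activates them. The page
// does not say whether secondaryKey stays set after promotion; it is dropped here.
const versions = {
  initial: { primaryKey: oldKey.publicKey },
  rotating: { primaryKey: oldKey.publicKey, secondaryKey: newKey.publicKey },
  rotated: { primaryKey: newKey.publicKey },
};

const oldToken = signJwt({ sub: "client-1" }, oldKey.privateKey);
const newToken = signJwt({ sub: "client-1" }, newKey.privateKey);
for (const [name, kc] of Object.entries(versions)) {
  console.log(name, "old:", verifyJwt(oldToken, kc), "new:", verifyJwt(newToken, kc));
}
```

In this model, tokens signed with the new private key are rejected until the version that sets secondaryKey is active on production, and tokens signed with the old key stop verifying once the final version is active.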