Start an emergency token rotation
In case of suspicious security breaches MSL5 offers a mechanism to invalidate all current tokens. This operation will refresh the service crypto signature and create fresh Staging tokens.
In the first step of this process, the user needs to Start emergency token rotation. This will create Staging tokens. The user has to test, integrate, and verify they are working expectedly. The final step is the Complete token rotation step which will invalidate and remove all service's Active tokens and promote Staging token to Active.
Let us consider an account with three tokens. Before the emergency token rotation the state is as follows:
The account has three Active tokens and zero Staging tokens: Token 1, Token 2 and Token 3.
To rotate the tokens, follow this procedure:
-
Log in to your MSL5 account.
-
Select ☰ > Access Management > API Token.
-
Click on the Start emergency token rotation icon.
-
First warning: Read carefully the warning.
- Click on the Start process button.
- The previously existing tokens are still active. Each token was duplicated, set to Staging state, and renamed.
- Click on the Complete token rotation icon.
- A final warning is displayed
- Click on Complete process.
- The previously Active tokens are deleted and the Staging tokens are now active.
Updated 3 days ago