Overview

Device keys are encrypted tokens used to validate requests from BlueFletch applications making API calls. Revoking device keys or blocking a device can prevent a lost or compromised device from accessing organization data on secure APIs. Key Management is a Launcher feature that manages keys to promote secure communication between client organizations and the BlueFletch data service APIs.

User Guide

Device keys are managed in the BlueFletch Portal. It ensures that these keys/tokens have been properly authorized to access the API and perform specific actions granted during authorization. In the case of a lost or stolen device, a device key can be revoked on the Portal. Devices that had been able to securely connect with that key and are blocked from retrieving a new key will no longer be able to reach BlueFletch APIs and retrieve organization data.

Feature Configuration

To set up the Key Management feature for a particular device profile or device group, please follow the steps below:

Enabling Key Management

Key Management feature, by default, is disabled within the Launcher configuration. If keyManagement is set to true, then the feature will be enabled on the device.

"keyManagement": {
    "enabled": true,

Setting Up the Refresh Time Range

Tokens or keys on a device have a defined expiration time on the organization’s settings page. To set up the refresh time range of the token/keys on a device, define the number of seconds in the configuration.

    "refreshIntervalInSeconds": 1740
}