Key Management
Overview
BlueFletch promotes secure communication between client organizations and the BlueFletch data service APIs through device keys. Device keys are encrypted tokens used to validate requests from BlueFletch applications making API calls. Revoking device keys or blocking a device can prevent a lost or compromised device from accessing organization data on secure APIs. Device keys are managed in the BlueFletch Portal.
In the case of a lost or stolen device, a device key can be revoked on the Portal. Devices that had been able to securely connect with that key and are blocked from retrieving a new key will no longer be able to reach BlueFletch APIs and retrieve organization data.
Configuration
To configure a device to support key management, set the following parameters within the keyManagement object in the launcher configuration file.
| Field | Description |
|---|---|
| enabled | boolean If true, key management is enabled on the device and the following key-value pairs are applied. Default is false. |
| refreshIntervalInSeconds | integer The range time in seconds before the token/key on a device is refreshed. This range should be less than the Device Token Expiration Minutes on the Admin - Organization page's settings. For example, if the token expiration has been set to 30 minutes, then the refresh interval should be set to less than 1800 seconds. |
Example:
"keyManagement": {
"enabled": true,
"refreshIntervalInSeconds": 1740
}
Feature Introduced
Feature introduced in Launcher 3.18.10.