Remove descriptions including "All" tab
This commit is contained in:
Kohei Tamura
Stian Thorgersen
parent
dc6e4b41b6
commit
afb2fe60bc
1 changed files with 7 additions and 7 deletions
|
|
@ -14,10 +14,10 @@ To view the active keys for a realm select the realm in the admin console click
|
|||
will show the currently active keys for the realm. {project_name} currently only supports RSA signatures so there
|
||||
is only one active keypair. In the future as more signature algorithms are added there will be more active keypairs.
|
||||
|
||||
To view all available keys select `All`. This will show all active, passive and disabled keys. A keypair can have the
|
||||
status `Active`, but still not be selected as the currently active keypair for the realm. The selected active pair which
|
||||
is used for signatures is selected based on the first key provider sorted by priority that is able to provide an
|
||||
active keypair.
|
||||
To view passive or disabled keys select `Passive` or `Disabled`. This will show passive or disabled keys.
|
||||
A keypair can have the status `Active`, but still not be selected as the currently active keypair for the realm.
|
||||
The selected active pair which is used for signatures is selected based on the first key provider sorted by priority
|
||||
that is able to provide an active keypair.
|
||||
|
||||
==== Rotating keys
|
||||
|
||||
|
|
@ -70,13 +70,13 @@ Fill in the values for `Keystore`, `Keystore Password`, `Key Alias` and `Key Pas
|
|||
|
||||
==== Making keys passive
|
||||
|
||||
Locate the keypair in `Active` or `All` then click on the provider in the `Provider` column. This will take you to the
|
||||
Locate the keypair in `Active` then click on the provider in the `Provider` column. This will take you to the
|
||||
configuration screen for the key provider for the keys. Click on `Active` to turn it `OFF`, then click on `Save`. The
|
||||
keys will no longer be active and can only be used for verifying signatures.
|
||||
|
||||
==== Disabling keys
|
||||
|
||||
Locate the keypair in `Active` or `All` then click on the provider in the `Provider` column. This will take you to the
|
||||
Locate the keypair in `Active` then click on the provider in the `Provider` column. This will take you to the
|
||||
configuration screen for the key provider for the keys. Click on `Enabled` to turn it `OFF`, then click on `Save`. The
|
||||
keys will no longer be enabled.
|
||||
|
||||
|
|
@ -86,7 +86,7 @@ Alternatively, you can delete the provider from the `Providers` table.
|
|||
|
||||
{project_name} has the signing keys stored just locally and they are never shared with the client applications, users or other
|
||||
entities. However if you think that your realm signing key was compromised, you should first generate new keypair as described above and
|
||||
then immediatelly remove the compromised keypair.
|
||||
then immediately remove the compromised keypair.
|
||||
|
||||
Then to ensure that client applications won't accept the tokens signed by the compromised key, you should update and push not-before policy for
|
||||
the realm, which is doable from the admin console. Pushing new policy will ensure that client applications won't accept the existing
|
||||
|
|
|
|||
Loading…
Reference in a new issue