ZTrust Documentation

Keys


Last updated 1 year ago

ZTrust employs authentication protocols that necessitate cryptographic signatures and encryption.

It utilizes asymmetric Key pairs, consisting of a private key and a public key, to fulfill this requirement. Although only one key pair is actively used at any moment for generating new signatures, there are multiple passive key pairs available for verifying previous signatures. This facilitates smooth key rotation without affecting users or causing any downtime.

Active

The Active Key is the Key that is actively utilized when ZTrust is being used.

Algorithm

This indicates the Encryption Algorithm used to generate the Keys.

Algorithm refers to the specific format that is being used for encrypting the data.

Type

This denotes the Type of Encryption Algorithm that has been utilized.

Kid

It denotes the Key ID.

It is a sequence of characters generated using the Algorithm.

Use

It denotes the manner in which the Key is utilized.

For example, here ENC signifies Encryption.

Priority

It indicates whether the existing Key Pair or any newly generated Key Pair becomes the Active Key Pair. The highest number designates the key pair as active.

Provider

It indicates the source or origin of the Algorithms being used by ZTrust.

Public Key

It holds the Public key utilized to authenticate the sender of an encrypted message.

Certificate

It contains the Certificate that is issued to this specific provider to verify its authenticity.

If it possesses a Certificate, it is deemed valid or genuine.

Passive

The Passive Keys section lists the Keys with which there is no direct engagement or interaction. You won’t have any control over these keys.

Disabled

It lists the Keys that are not enabled or are not intended for use.
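
The Active, Passive and Disabled states described above can be modelled as a small key ring. This is an added example, not ZTrust code: the helper names and the key IDs key-2023 and key-2024 are constructed, and it assumes that the enabled, active key with the highest Priority signs while every other enabled key only verifies.

```javascript
// Added example: a constructed model of the key states described above, not ZTrust code.
const crypto = require("crypto");

// Hypothetical helper: one key entry with the fields the Keys screen shows.
function makeKey(kid, priority, enabled, active) {
  const pair = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  return { kid, priority, enabled, active, ...pair };
}

// Assumption: the signing key is the enabled, active key with the highest priority.
function signingKey(ring) {
  const candidates = ring.filter((k) => k.enabled && k.active);
  if (candidates.length === 0) throw new Error("no active signing key");
  return candidates.reduce((a, b) => (b.priority > a.priority ? b : a));
}

// Sign a payload and record which key produced the signature (its kid).
function sign(ring, payload) {
  const key = signingKey(ring);
  const sig = crypto.sign("sha256", Buffer.from(payload), key.privateKey);
  return { kid: key.kid, payload, sig };
}

// Verify by exact kid lookup among enabled keys only: active and passive keys
// verify, disabled or unknown kids are rejected, and no other key is tried.
function verify(ring, token) {
  const key = ring.find((k) => k.kid === token.kid && k.enabled);
  if (!key) return false;
  return crypto.verify("sha256", Buffer.from(token.payload), key.publicKey, token.sig);
}

// Constructed rotation: add a higher-priority key, make the old key passive,
// then disable it once its signatures no longer need to verify.
function rotationDemo() {
  const ring = [makeKey("key-2023", 100, true, true)];
  const oldToken = sign(ring, "session=alice");
  ring.push(makeKey("key-2024", 200, true, true)); // takes over signing
  ring[0].active = false;                          // old key becomes passive
  const newToken = sign(ring, "session=bob");
  const whilePassive = verify(ring, oldToken);     // old signature still verifies
  ring[0].enabled = false;                         // old key moves to Disabled
  return {
    newKid: newToken.kid,
    whilePassive,
    afterDisable: verify(ring, oldToken),
    newStillValid: verify(ring, newToken),
    tampered: verify(ring, { ...newToken, payload: "session=admin" }),
  };
}
```

Disabling a key immediately invalidates every signature it produced, so a rotated key should stay passive until nothing signed with it is still expected to verify.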

Within the Providers section, you have the option to generate a Key pair, along with a self-signed certificate.

Click on the dropdown for Add keystore and select the most suitable provider option from the menu based on your requirements.

This action will lead you to the following screen.

Console Display Name

It indicates the provider's display name as shown in the Admin Console.

It also displays the option chosen from the dropdown menu.

Priority

This field pertains to the priority of the provider.

Enter any number here. The value determines whether the new Key pair becomes the Active Key pair. The highest numerical value designates the key pair as active.

Enabled

This toggle button determines whether the generated Key will be enabled or disabled.

When enabled (toggled ON), the key will be enabled. It will be either Active or Passive, but it won't be Disabled.

If deactivated (toggled OFF), the key will be Disabled and will appear under the Disabled tab.

Active

When this toggle button is enabled (toggled ON), the newly generated Key will be created as an Active Key and will appear under the Active Keys tab.

Conversely, when it's disabled (toggled OFF), the Key will be designated as a Passive key and will be visible under the Passive Keys tab.

Key Size

This specifies the size of the generated Key.

You can select the preferred option from the dropdown menu as per your requirements.

Algorithm

This indicates the desired Algorithm for the Key.

You can click on the dropdown menu and choose the most suitable option based on your needs.

Save

Once you've entered the details, if you wish to proceed and generate the key, simply click on the Save button.

Reset

If you prefer not to generate a key with the provided information, click on the Reset button to discard the changes.

In the Actions section, you can find options to Edit and Delete.

Edit

To adjust or modify any settings related to the Providers or Keys, click on Edit.

Clicking on Edit will display the following screen.

Provider ID

This field is not editable.

It is automatically set after the creation of a new Key.

Console Display Name

This field is editable and pertains to the display name of the Provider when linked in the admin console. You can customize the name according to your requirements.

Priority

This field refers to the priority of the provider.

The value determines whether the new Key pair becomes the Active Key pair. The highest numerical value designates the key pair as active.

You can adjust the priority by assigning a different numerical value based on your needs.

Enabled

This toggle button determines whether the Key will be enabled or disabled.

When enabled (toggled ON), the key will be enabled. It will be either Active or Passive, but it won't be Disabled.

If deactivated (toggled OFF), the key will be Disabled and will appear under the Disabled tab.

You can customize this setting according to your needs.

Active

When this toggle button is enabled (toggled ON), the Key will be created as an Active Key and will appear under the Active Keys tab.

Conversely, when it's disabled (toggled OFF), the Key will be designated as a Passive key and will be visible under the Passive Keys tab.

You have the flexibility to adjust this setting and designate the Key as either Active or Passive based on your needs.

Key Size

This specifies the size of the Key.

You can customize this setting by choosing your preferred option from the dropdown menu to suit your needs.

Algorithm

This indicates the desired Algorithm for the Key.

You can adjust the algorithm used by selecting the most appropriate option from the dropdown menu according to your requirements.

Save

After making any modifications, click on Save to apply those changes to the system.

Reset

If you prefer not to finalize your alterations, click on Reset.

This action will discard all changes made.