Manage token brokers
Learn how to manage token brokers used for the browser extension in SaaS.
To access Token broker registrations, you require the Snow Atlas System administrator and Administrator roles.
Edit token broker registrations
You can edit the name and description of token broker registrations.
To change signing certificates, see Upload new signing certificates. To register a new secret key, see Register new secret keys.
-
In Snow Atlas, go to Settings, and select SaaS settings.
-
On the Token broker registrations page, select the checkbox for the registration that you want to edit.
-
On the Actions menu, select Edit.
-
In Edit, edit the applicable fields.
-
Select Save.
Upload new signing certificates
You can upload a second signing certificate for a token broker registration if you need to do a rollover of certificates and want to avoid disruption to the token broker service. Both certificates are valid until you delete the previous one from the registration.
-
In Snow Atlas, go to Settings, and select SaaS settings.
-
On the Token broker registrations page, select the checkbox for the registration that you want to edit.
-
On the Actions menu, select Edit.
-
In Certificate 2, upload your new signing certificate.
cautionYou are recommended to keep Certificate 1 until you have replaced the signing certificate in the token broker proxy. If you delete the first certificate at the same time as uploading a second one, there will be a disruption in the connection between the browser extension and Snow Atlas, and data may be lost.
-
Select Save.
The new certificate is registered.
-
Replace the certificate in your token broker proxy with the new one, and restart the service.
-
Go back to the Token broker registrations page in Snow Atlas, and select the checkbox for the registration for which you want to delete the previous certificate.
-
On the Actions menu, select Edit.
-
In Certificate 1, select Delete.
-
Select Save.
The deleted certificate is no longer valid.
Register new secret keys
You can register a new secret key if needed. The old key becomes invalid immediately, and the the connection between the browser extension and Snow Atlas is broken, until you have added the new key in the token broker proxy.
-
In Snow Atlas, go to Settings, and select SaaS settings.
-
On the Token broker registrations page, select the checkbox for the registration for which you want to register a new secret key.
-
On the Actions menu, select Register new secret key.
-
In Register new secret key, select Register secret key.
The new secret key is registered and shown.
-
Select Copy. You must copy the value before you can continue.
cautionThe Secret key is only displayed once and cannot be accessed again. Copy and save it. If you lose it, you must register a new one.
-
Select Close.
-
Replace the secret key in your token broker proxy with the copied value, and restart the service.
Delete token broker registrations
You can delete a token broker registration. The credentials become invalid immediately and the connection between the browser extension and Snow Atlas is broken.
-
In Snow Atlas, go to Settings, and select SaaS settings.
-
On the Token broker registrations page, select the checkboxes for the registrations that you want to delete.
-
In Delete token broker registrations menu, select Delete.
-
Remove the token broker proxy from your cluster.