Edit

Share via

How to rotate Fluid Relay Server access keys

  • Article

This article provides an overview of managing access keys (tenant keys) in Azure Fluid Relay Service. Microsoft recommends that you regularly rotate your keys for better security.

Primary / Secondary keys

Customers use the access keys to sign the access tokens that are used to access Azure Fluid Relay Services. Azure Fluid Relay uses the keys to validate the tokens.

Two keys are associated with each Azure Fluid Relay Service: a primary key and secondary key. The purpose of dual keys is to let you regenerate, or roll, keys, providing continuous access to your account and data.

View your access keys

To see your access keys, search for your Azure Fluid Relay Service in the Azure portal. On the left menu of Azure Fluid Relay Service page, select Settings. Then, select Access Keys. Select the Copy button to copy the selected key.

Screenshot that shows the Access Keys page.

Rotate your access keys

Two access keys are assigned so that your Azure Fluid Relay Service does not have to be taken offline when you rotate a key. Having two keys ensures that your application maintains access to Azure Fluid Relay throughout the process. You should rotate one of two keys at one time to avoid service interruptions.

The process of rotating primary and secondary keys is the same. The following steps are for primary keys.

To rotate your Azure Fluid Relay primary key in the Azure portal:

  1. Update the access keys in your application code to use the secondary access key for the Azure Fluid Relay.

  2. Navigate to your Fluid Relay Service in the Azure portal.

  3. Under Settings, select Access key.

  4. To regenerate the primary access key for your Azure Fluid Relay Service, select the Regenerate Primary Key button above the Access Information.

  5. Update the primary key in your code to reference the new primary access key.