Skip to main content

Managing tokens and keys

This page explains how to generate and use different tokens and keys for nRF Cloud services over REST, using the nRF Cloud portal or REST endpoints.

Some operations depend on your role within a team. Anyone can view a key or token, but not all roles can generate them.

API key

All team members can generate API keys through the nRF Cloud portal. The API key is user-specific.

To view an existing API key or generate a new one:

  1. Log in to the nRF Cloud portal.

  2. Click the three-line menu in the upper right corner.

  3. Click User Account.

  4. On the Current Team Details card, locate the API key. You can copy the existing key, or generate a new one:

    • Click the icon next to the text box to copy the existing API key.

    • Click Regenerate API key to generate a new one.

      A pop-up opens:

      1. Type regenerate api key in the text box to confirm.
      2. Click OK.
      3. The new key appears in the text box.

Use this key in the Authorization: Bearer header in REST requests that require it. Previously issued API keys are valid for up to 60 minutes after you generate a new one.

JWT

The evaluation token is the only JWT that you can generate through the nRF Cloud portal. To generate a commercial token, see JWT authentication on nRF Cloud.

To use Location Services, you must generate a JWT for each service, using the relevant service key for each.

Evaluation token

An evaluation token is a type of JWT and used in the same way, in the authorization header of a request. A team can have one active evaluation token at a time.

Access

Only the team owner can generate an evaluation token, through the nRF Cloud portal or directly through the APIs.

All team members can view the evaluation token from the Team page in the portal or using the APIs.

To generate the evaluation token in the portal (owner only):

  1. Log in to the nRF Cloud portal.
  2. Click the drop-down menu in the top right corner.
  3. Click Team.
  4. In the Service Evaluation Token section, click Generate Token. A window opens asking for confirmation.
  5. Click OK to generate the token.
  6. Copy the token that appears in the text field to the left of the Generate Token button. The token no longer appears once it has expired.

To generate the evaluation token using the REST API (owner only):

To view the evaluation token (any role):

Service key

Access

The service key applies to proxy server use of Location Services and requires a Pro or Enterprise plan.

Only the team owner can generate a service key.

note

To use a service key, you must first declare proxy server usage on your Manage plan page.

To generate a service key:

  1. Log in to the nRF Cloud portal.

  2. In the left sidebar, click Device Management.

    A panel opens to the right.

  3. Click Manage Service Keys.

    The service key page opens. There is a card for each service, but one key gives access to all services.

  4. Click Generate New Key for any service.

  5. Type generate new key in the text box to confirm.

  6. Click OK.

    The server generates and shows the key.

    caution

    Creating a new service key invalidates JWTs signed with the old one.

  7. Copy and store the key in a secure place by selecting and copying the text, or by clicking the icon below the text box. If you lose the key or it is compromised, you will need to generate a new key.

Once you generate a new service key, you also need to generate a new JWT for each service, signed with the relevant service key.

Last updated on