| title | description | author | ms.author | ms.service | ms.topic | ms.date |
|---|---|---|---|---|---|---|
Rotate access keys |
Learn how and when to rotate Azure Web PubSub access keys by regenerating one key at a time. |
yjin81 |
yajin1 |
azure-web-pubsub |
how-to |
08/16/2024 |
Each Azure Web PubSub instance has a pair of access keys that helps you authenticate clients when requests are made to the service. Both keys are associated with the instance endpoint URL.
Each instance has a primary access key and a secondary access key. Rotate one access key at a time by regenerating a new key of that type, either primary or secondary. Update one access key while the other access key maintains existing authenticated connections.
For security and compliance requirements, we recommend that you routinely rotate your access keys.
To regenerate an access key, complete the steps that are described in the following sections.
In some scenarios, Azure Web PubSub might enforce a mandatory access key rotation. The service sends notifications via email and in the portal. If you receive this kind of notification or if you encounter service failure due to an access key issue, regenerate your access keys to rotate the keys.
-
In the Azure portal, sign in with your subscription credentials.
-
Go to the Web PubSub instance that has keys you want to rotate.
-
On the left menu, select Keys.
-
Select Regenerate Primary Key or Regenerate Secondary Key. A new key and a corresponding connection string are created. You manage them in your Web PubSub instance.
When the Azure Web PubSub service becomes generally available, you can also regenerate a key by using the Azure CLI.
-
Copy the new connection string.
-
Update all existing configurations to use the new connection string.
-
Close the application, and then reopen it.