Generate PureKit Credentials
This guide will help you generate all the credentials required for PureKit initialization.
Before you begin
- Create an account at Virgil Dashboard
- Create a Virgil Application at Virgil Dashboard
Credentials generation
Within your Virgil Application at Virgil Dashboard, enable the PureKit module. Now, you have to generate your PureKit credentials by clicking the "GENERATE CREDENTIALS" button. New dialog window will ask you to install Virgil CLI and then generate PureKit credentials with the following command:
virgil purekit keygen all
This command will generate the following:
| Keys | Description |
|---|---|
Backup keypair BU | Required for moving away from PureKit without losing users' passwords, so that your users won't have to go through the sign up process again. It is recommended to keep this key in a safe. |
Non-rotatable Master Secret key NM | A secret key that is used to derive keys that will be used to sign encrypted users data and records in order to ensure that the data won't be changed. Can't be rotated. |
Application Secret key SK | A private secret key that is rotated during the rotation process. |
Make sure to save the generated keys in a safe storage and click "NEXT" in the PureKit setup dialog window on Dashboard.
After entering an App Token name, you'll get the following credentials:
| Credentials | Description |
|---|---|
Service public key PK | A unique public key that is generated for a specific PureKit application that is rotated during the rotation process. |
App Token AT | A long-lived access token used on the backend to authenticate the application on the Virgil Cloud. |
Make sure to save them as well.
Next step
Now you're ready to set up PureKit at your application: