Create a Custom Encryption Key

A custom encryption key is a 256-bit Advanced Encryption Standard (AES) key that you create.

Live Experience security configuration is provisioned with an RSA public-private key pair in which the private key is encrypted using the key that you create. You must configure your own tenant key resource (TKR) to store your key. Live Experience will access the key using a RESTFUL API and then use it to encrypt your data.

You can create your own 256-bit AES key or you can use a REST API to generate one. The REST API only generates the key and does not store it. You can generate a key as many times as you need using one of the following API operations:

• GET https://live.oraclecloud.com/tenant/api/keys/Tenant_Name/generate/tenantKey

  or, for EMEA customers,

• GET https://emea.live.oraclecloud.com/tenant/api/keys/Tenant_Name/generate/tenantKey

where Tenant_Name is your organization's name.

1. On the Security screen, select Custom Encryption Key.
2. Next to Key URL, enter a fully qualified URL for the location of your custom encryption key.
   Live Experience sends a POST request to the entered URL. The TKR adds the payload containing the URL and key and sends a POST to Live Experience. Example payload:

   Authorization: JWT
   Payload: {
   "url": "http://yourcompany.com/keys",
   "oldKey": "",
   "newKey": "59v/2Mp5j4gU0|NYppOaGIL4mgSYdInQQrgPmmSfQa8="
   }

3. Click Confirm.
   A confirmation message acknowledges that your custom encryption key will be used to encrypt your data.
4. Click Close.

Results:

In the future, the screen displays the dates on which the key was created and last modified.