This document describes the steps to create a tokenization secret in Fortanix DSM.
Steps to Create a Tokenization Secret
- Click the Fortanix DSM Groups tab, and create a new group called Tokenization (if the group does not exist).
Figure 1: Create New Group for Tokenization App
Figure 2: Create a Group
- Once the group is created, configure any of the policies for the group that are required by your organization, such as the Quorum approval policy, Key undo policy (for sensitive key operations), Cryptographic policy, and Key custodian policy.
Figure 3: Configure DSM Policy
- Add a new “Tokenization App” to the Group.
- Give it a name and select the API Interface (in the following example, the Rest API is used).
- Select the Authentication Mechanism to be used by the application (in the example below the API Key is used).
Figure 4: Create a Tokenization APP
Figure 5: Select API Interface and Authentication Mechanism
- Create a Tokenization Secret in the same group created in Step 1.
Figure 6: Create Tokenization Secret in the Same Group
Figure 7: Create a Tokenization Secret
In the Add New Security Object form
- Select GENERATE to generate a tokenization secret.
- In the Choose a type section, select the key type as “Tokenization”.
Figure 8: Generate a Tokenization Object
- Select the Data type to be tokenized.
- Email Address
Figure 9: Tokenize Email Address
Figure 10: Tokenize Custom Numbers
Figure 11: Tokenize Alphanumeric Characters
- Email Address
- Enter the key size and select the key operations.
- Click GENERATE to generate the key.
Figure 12: Key Size and Key Operations
- You now have the Unique Identifier (UUID) of the Secret to be used by the Application to reference the Tokenization Secret and perform the tokenization operations.
Figure 13: Key UUID to Perform Tokenization Operations