About Tokens

Stellar Cyber uses tokens to authorize and configure sensor installations. Tokens are long JSON strings that can be decrypted by a sensor to read their encoded information.

What Do Tokens Do?

Tokens give security organizations a convenient way to allow installation of preconfigured sensors in their tenants' environments. Tokens perform the following services:

  • Point the installed sensor at the correct Stellar Cyber platform

    Once a token is assigned to a sensor, it automatically adds itself to the correct Stellar Cyber platform instance for the organization that generated the token.

  • Identify the tenant for the sensor

    When you apply a token to a sensor, the sensor is automatically assigned to the tenant specified in the token. 

  • Assign a Sensor Profile to the sensor

    Tokens can optionally be associated with a Sensor Profile, allowing you to assign settings to sensors as part of the installation. If you do not want to assign a sensor profile as part of the token-based installation, you can also create tokens that do not have associated sensor profiles.

    If you delete a sensor profile that is associated with a token, Stellar Cyber alerts you with a confirmation prompt informing you that all associated tokens will also be deleted.

  • Authorize the sensor installation

Each of these tasks was performed manually in previous sensor installations. The use of tokens simplifies the process, providing an authorization credential that configures the sensor with the correct tenant and Stellar Cyber platform settings.

Tokens Are Reusable

Tokens are reusable. You can use the same token to authorize and configure multiple sensors in the same tenant environment until it expires two weeks after its initial generation.

Tokens Have Configurable Expiration Dates – Sensors Do Not

When you create a token, you specify an expiration date for the token, from two weeks up to three months. Tokens can be used to authorize and configure sensors from their initial generation up to their expiration date.

Stellar Cyber alerts you in the Notification Center when tokens are about to expire, as well as when they have expired.

When a token expires, sensors authorized with the token continue to operate as normal. Once a sensor successfully registers with the Stellar Cyber platform, it no longer uses the token. It is only used for the initial authorization, registration, and configuration of the sensor.

You can also configure tokens that never expire. However, Stellar Cyber recommends that you avoid this practice to enhance the security of your deployment. In addition, tokens that are configured not to expire can only be used with sensors running 5.3.0 or later.

If you see a message reading Expired token. Generate a new one and reapply. when applying a token, it's possible that you may be trying to apply a newer token to an older, incompatible sensor (for example, a token configured never to expire on a pre-5.3.0 sensor). Check the token to make sure it's compatible with the sensor to which you are applying it.