Managing your keys
As we have seen in Chapter 1, Getting Started with DocumentDB, access to your databases is granted by a combination of the URI to your DocumentDB and a key. In the Azure portal, on the All Settings blade of your database, you can see both your primary and secondary keys. Both keys can be used to access your database. But why are there two keys?
Recycling keys
DocumentDB, like other persistency mechanisms on Azure, such as Table storage, provides two keys. This is because it is good practice to regenerate your keys periodically to keep your connections more secure. The two-key approach enables access to your database with one key while regenerating the other. This way, your application is always online, while the keys are changed on a regular basis. This process is called rolling your keys.
Perform the following steps to roll your keys:
- Update all your applications that are using the primary key to use the secondary key.
- Regenerate the primary key from the Azure portal.
Note...
