Configure the round number¶
The method responsible for creating the api key, requires rounds number to generate the key. Since a high value for the rounds in api-key-generator can lead to slow response time, a new configuration is provided for the admin users so that they can get the best performance. In the following sections we discuss how you can calculate this number and set it.
Note that the decreasing this number radically could lead to security violation.
All API-keys must be re-created after changing this setting
Calculate the round number¶
In order to calculate the best round number regarding the expected response time and based on the host machine hardware power, you can use the cli tool which provided here. This tool calculate the rounds number By providing the hash_name (in this case pbkdf2_sha256) and the target time (expected response time) in milliseconds.
Set the round number¶
To set this number, you only need to add the following key in the config.yml as shown in the following example:
authentication: api_key_rounds_no: 30000
This is a machine level configuration meaning that all the applications on the same machine share this number.