Configuring the Cosync Storage or CosyncJWT services for a MongoDB Realm Application is very easy, as long as the developer has created and gathered the appropriate Realm API keys for the process to take place.
To configure the CosyncJWT service, the developer will need to gather the following keys
- MongoDB Realm Application Id
- MongoDB Realm Project Id
- Realm project or organization Public API Key
- Realm project or organization Private API key
The developer will need to gather the same keys for configuring the Cosync Storage service, but also gather an additional key:
- MongoDB Realm Service Id
This may seem like a lot of information for the developer to gather, but on the plus side it only needs to be done once during configuration. As a rule, the Cosync Portal never stores any private key information. Rather it uses the keys passed in to configure the MongoDB Realm Application for the various Cosync services and discards them afterwards.
We detail in the following section how the developer should go about gathering and/or creating these keys for use by the Cosync Portal. The API keys that are gather are very sensitive and the developer should adopt the utmost care to keep them secret from the outside world. As a best practice, these keys should be stored on a separate USB key in an encrypted file, and/or with a printed copy put in a safe.