Migrating from Transcend-Hosted Sombra

If you are migrating from a Transcend-hosted multi-tenant Sombra to an on-premises environment and are mid-implementation, it is critical that you re-use the same JWT_ECDSA_KEY from the existing instance. If you already have connected integrations and DSRs, you should deploy the on-premises Sombra gateway with the same JWT_ECDSA_KEY and then run a key rotation after the gateway is deployed.

To obtain the JWT_ECDSA_KEY, reach out to your account manager over Slack or email (support@transcend.io) to grant you permission to view your key. You will only be able to reveal the key once for security reasons. The key can be obtained by clicking the Reveal Multi Tenant Root Secret button on the Sombra Gateways panel in the Admin UI.

This key should not be committed to code and should be provided to the gateway securely using a tool such as HashiCorp Vault or AWS Systems Manager Parameter Store.

Obtaining the JWT_ECDSA_KEY secret
Viewing the JWT_ECDSA_KEY secret

When rotating keys, we recommend that you reach out to your Transcend support rep to help guide and monitor the process to avoid downtime.