Field Description


The password to use for generating the encryption key. Also known as the shared secret.

Confirm Password

Must match the value entered in the Password field.

Field Description

Cipher Suite

The algorithm, cipher mode, and key size that should be used for encrypting the token.

The default selected value is AES-128/CBC.

Token Lifetime

The duration in seconds for which the token is valid. Valid range is 1 to 28800.

The default value is 300 (5 minutes).

Session Lifetime

The duration in seconds for which the token may be re-issued without authentication. Valid range is 1 to 259200.

The default value is 43200 (12 hours).

Not Before Tolerance

The amount of time in seconds to allow for clock skew between servers. Valid range is 0 to 3600.

The default value is 0.

Force SunJCE Provider

If selected, the SunJCE provider is forced for encryption and decryption.

Use Verbose Error Messages

If selected, use verbose TokenException messages.

Obfuscate Password

If selected, the password will be obfuscated and password-strength validation will be applied. Clearing the checkbox allows backward compatibility with previous OpenToken agents.

Skip Trimming of Backslashes

If not selected, it prevents insecure content from affecting the security of your application and the agent. Update your applications with the latest version of the agent.

It is recommended to not change the value of this flag to avoid a negative security impact, such as someone maliciously adding slashes to exploit the system