After the API Signer is installed and is running, you must activate it:
In the side menu of the Fordefi web console , click Settings > API Signer.
Click Add API Signer.
Enter an API signer name and click Add.
Complete the activation process by scanning the code in the Activate API Signer screen in the Fordefi mobile application. To get to that page, do one of the following:
- Tap the Activate API Signer push notification that you should get on your mobile app; or
- Go to the Management tab in the app and look for the Activate API Signer item there.
When the API signer has been activated, "API signer activated" is displayed in the API Signer screen.
Secure your API Signer
Once you have successfully paired an API Client with the API Signer, the API Signer will store a share of the key. It is important to limit access to the API Signer within the organization to reduce the attack and risk surface.
There is no need to open any incoming ports or connections to the API Signer as it will only connect to the Fordefi backend and will poll transactions waiting to be signed. This ensures maximum security and eliminate lateral-movement attack vectors.