The Tenant Security Client is built to interact with the Tenant Security Proxy and is used to encrypt and decrypt content. The SDK uses AES-256 symmetric encryption to protect data.
In order to access the features of the Tenant Security Client, you first need to create a new instance of the
TenantSecurityKMSClient class. This requires a
PROXY_DOMAIN that specifies where a Tenant Security Proxy can be reached, along with the
PROXY_API_KEY for that Tenant Security Proxy. This API_KEY is produced when generating a new Tenant Security Proxy configuration within the Configuration Broker and is unique to each configuration. As the Tenant Security Proxy is a Docker container running in your infrastructure, you are responsible for hosting it at a location that is accessible by your application.
TenantSecurityKMSClient client = TenantSecurityKMSClient.create(PROXY_DOMAIN, PROXY_API_KEY)
There are other constructors available that allow you to specify the random number generator or sizes of the thread pools used by the client; see the Javadocs for more information.