Overview
The Key Management Service (KMS) is used for creating, storing, and managing cryptographic keys. It is used by various other services, including:
- The Decentralized Identifier (DID) service, which creates DIDs.
- The Credential Service, which signs and issues credentials.
- The Credential Status Service, which signs status credentials.
When setting up the KMS, you choose where your keys are stored: either a local key store, which uses the database of the Enterprise Stack, or an external KMS solution such as AWS KMS, HashiCorp Vault, or Oracle KMS. For production use cases, we recommend using an external KMS.
Get Started
- Local: Manage and store keys in the Enterprise database.
- AWS: Manage and store keys in AWS KMS.
- HashiCorp Vault: Manage and store keys in HashiCorp Vault.
- Oracle KMS: Manage and store keys in Oracle KMS.