
Managing Join Tokens for Data Connectors

A join token is a special-purpose secret that a virtual on-prem host uses to authenticate, automatically associate itself with its corresponding account, and establish a connection to BloxOne Threat Defense Cloud.

To deploy a virtual appliance, you must first create a join token and issue it to the corresponding Data Connector when you set up your machine. You can use the same join token to deploy multiple virtual appliances. You can also create as many join tokens as you need and use them for different purposes. For example, you can create one join token for a set of remote devices, and create another one for an admin who will manage the Data Connectors for a short period of time. You can revoke the join token that the respective admin uses when the admin no longer manages the hosts. You can also revoke a token if a join token is compromised for any reason. An appliance cannot be connected to the cloud if you use a revoked token. Note that join tokens are valid until you revoke them through the Cloud Services Portal.

Creating Join Tokens

To create a join token, complete the following:

  1. From the Cloud Services Portal, click Manage -> On-Prem Hosts.  
  2. Click the Join Tokens tab, and then click Create Token.
  3. On the Create Token page, complete the following:
    • Name: Enter a name for the new token.
    • Description: Enter some information about this token.
    • TAGS: Click Add to associate keys with the on-prem host and specify the following:
      • KEY: Enter a meaningful name for the key, such as a location or a department.
      • VALUE: Enter a value for the key.
      To delete an associated key, select its check box and click Remove. For information about tags, see Using Tags.

  4. Click Save & Close. 
  5. The join token string appears in the Copy Token? dialog box. Click Copy to copy the token. You should copy the token string and save it in a place where you can find it later. Note that you need this token string when you configure your virtual on-prem hosts.

Warning

The join token you created appears only once in the dialog box. When you close the dialog, you will not be able to retrieve the join token. Ensure that you copy it and save it for deployment purposes.

You can now deploy the virtual on-prem host using either the Docker or OVA package that Infoblox provides. For information, see Deploying the Data Connector VM.

Viewing Join Tokens

To view all join tokens you have created, perform the following:

  1. From the Cloud Services Portal, click Manage -> On-Prem Hosts.
  2. Click the Join Tokens tab, and the Cloud Services Portal displays the following information:
    • TOKEN NAME: The name of the token.
    • STATUS: The current status of the token. This can be Active or Revoked.
    • COUNT: The number of times you have used this token to set up your virtual appliances. You can reuse the same token multiple times for different virtual appliances. This number is useful for security purposes. For example, if you issued a join token for a certain number of appliances and that number does not match the count shown here, you might want to review the appliances that have joined your network.
    • LAST USED: The timestamp when the token was last used, in mm/dd/yy hh:mm:ss time zone format.
    • DESCRIPTION: Information about the join token.
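
The COUNT and LAST USED review described above can be scripted. This is an added example, not Infoblox code: the rows are constructed and typed by hand from the Join Tokens tab, and the inventory dictionary, the finding labels, and the 30-day idle threshold are assumptions.

```python
from datetime import datetime, timedelta

# Constructed rows, transcribed from the Join Tokens tab columns (not real data).
TOKEN_ROWS = [
    {"name": "branch-dc", "status": "Active", "count": 3, "last_used": "03/02/24 09:15:00 UTC"},
    {"name": "contractor", "status": "Active", "count": 5, "last_used": "03/10/24 22:41:07 UTC"},
    {"name": "lab", "status": "Active", "count": 0, "last_used": ""},
    {"name": "old-admin", "status": "Revoked", "count": 3, "last_used": "01/05/24 11:00:00 UTC"},
    {"name": "temp", "status": "Active", "count": 1, "last_used": "01/05/24 11:30:00 UTC"},
]
# Hypothetical local inventory: token name -> appliances you deployed with it.
EXPECTED_JOINS = {"branch-dc": 3, "contractor": 2, "lab": 0, "old-admin": 2}


def parse_last_used(value):
    """Parse 'mm/dd/yy hh:mm:ss <zone>'; the zone label is ignored (assumed uniform)."""
    if not value.strip():
        return None  # token has never been used
    date_part, time_part = value.split()[:2]
    return datetime.strptime(f"{date_part} {time_part}", "%m/%d/%y %H:%M:%S")


def audit_tokens(rows, expected, now, max_idle_days=30):
    """Return (token name, finding) pairs in table order."""
    findings = []
    for row in rows:
        name, count = row["name"], int(row["count"])
        # COUNT check applies to revoked tokens too: hosts that already joined stay joined.
        if name not in expected:
            findings.append((name, "token-not-in-inventory"))
        elif count > expected[name]:
            findings.append((name, "more-joins-than-deployed"))
        elif count < expected[name]:
            findings.append((name, "fewer-joins-than-deployed"))
        # Tokens stay valid until revoked, so an idle Active token is a revocation candidate.
        if row["status"] == "Active":
            last = parse_last_used(row["last_used"])
            if last is None or now - last > timedelta(days=max_idle_days):
                findings.append((name, "idle-active-token"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_tokens(TOKEN_ROWS, EXPECTED_JOINS, datetime(2024, 3, 15)):
        print(f"{name}: {finding}")
```
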

Revoking Join Tokens

You can revoke a join token that you no longer need, or if its security has been compromised.

To revoke a join token, complete the following:

  1. From the Cloud Services Portal, click Manage -> On-Prem Hosts.
  2. Click the Join Tokens tab.
  3. On the Join Tokens page, select the check boxes of the join tokens you want to revoke.
  4. Click the Revoke button. In the dialog box, click Revoke to confirm. 

Note

  • Once you revoke a token, its status changes to Revoked and the token is no longer valid. You will not be able to use the revoked token to deploy any virtual appliances.
  • Revoking a join token only prevents new on-prem hosts from joining the Cloud Services Portal; it does not affect the on-prem hosts that have already joined using the same token.