JWT Secret Configuration Guide

SigNoz uses a JWT secret key to sign and verify all user session tokens. It is critical to set this secret to ensure the security of your SigNoz instance.

⚠️ Warning: JWT Secret Not Set

If you do not set the JWT secret, SigNoz will not fail to start; it will only print a warning log:

No JWT secret key is specified

Running without a secret leaves your instance exposed and anyone can forge valid tokens with an empty string.

How to Set the JWT Secret

  1. Choose a Strong Secret:
    Use a long, random string. Avoid using simple or guessable values.

  2. Set the Environment Variable:
    Set the following to your environment configuration:

    SIGNOZ_JWT_SECRET=your-very-strong-random-secret

  3. Restart SigNoz:
    After setting the variable, restart your SigNoz services to apply the change.

Best Practices

  • Never share your JWT secret publicly.
  • Rotate the secret periodically and update your environment configuration accordingly.
  • Monitor logs for any warnings about missing or invalid JWT secrets.

Was this page helpful?

Prev
Alertmanager
Next
Statistics Reporting
On this page
How to Set the JWT Secret
Best Practices
Docs
IntroductionContributingMigrate from DatadogSigNoz API
Community
Support
Slack
Twitter
Launch Week
Changelog
Dashboard Templates
DevOps Wordle
Newsletter
More
SigNoz vs DatadogSigNoz vs New RelicSigNoz vs GrafanaSigNoz vs Dynatrace
Careers
AboutTermsPrivacySecurity & Compliance
SigNoz
All systems operational