Skip to main content

Overview

Before your bots can access licensed content, you need to:
  1. Create a Supertab Connect customer account
  2. Register each bot or agent as a System
  3. Generate authentication keys for your System
A System represents any automated client that will access licensed content — a web scraper, RAG pipeline, AI agent, or backend service. Each System gets its own credentials and usage tracking.

Creating Your Account

1

Sign Up

Go to customer-connect.supertab.co/signup and create your account.
2

Log In to the Dashboard

Log into the customer portal at customer-connect.supertab.co.From here you can create and manage Systems, generate authentication keys, and view usage.

Creating a System

A System represents a single bot, agent, or automated service that accesses licensed content.
1

Navigate to Systems

From the dashboard, click Systems in the navigation menu.
2

Create a New System

  1. Click Create System
  2. Enter a descriptive name (e.g., “Production RAG Agent”, “News Scraper”, “Content Indexer”)
  3. Click Create
3

View System Details

Click on your new System to open the System Details page.Here you’ll find your Client ID — a unique identifier in URN format:
urn:stc:customer:system:{uuid}
Copy this ID — you’ll need it when generating license tokens.

Setting Up Authentication Keys

Your System needs cryptographic keys to authenticate with Supertab Connect.
Only the ES256 algorithm (ECDSA with P-256 curve) is supported.
On the System Details page, click Add new key to see three options: Supertab Connect generates both keys for you. You download and store the private key.
1

Generate the Keys

  1. Click Add new keyGenerate key pair
  2. A dialog appears with your kid (Key ID) and privateKey
2

Save Your Private Key

The private key is shown only once!We do not store your private key. Copy it immediately and store it securely. If you lose it, you’ll need to generate a new key pair.
Save these values:
  • kid: The Key ID (public identifier, not secret)
  • privateKey: Your private key in PEM format (keep secret!)
Recommended storage:
  • Environment variables
  • Secrets manager (AWS Secrets Manager, HashiCorp Vault)
  • Password manager
Best for: Most users. Simple setup, no key generation on your side.

Option 2: Upload Public Key

You generate the key pair yourself and upload only the public key to Supertab Connect.
1

Generate a Key Pair Locally

Generate an ECDSA key pair using the ES256 algorithm (P-256 curve). Use your preferred tool or library.
Only ES256 is supported. Other algorithms will be rejected.
2

Upload the Public Key

  1. Click Add new keyUpload public key
  2. Paste your public key in PEM format
  3. Click Upload
You’ll receive a kid (Key ID) for this key.
3

Store Your Private Key

Keep your private key secure. You’ll use it to sign license token requests.
Best for: Teams with existing key management infrastructure or security policies requiring self-generated keys.

Option 3: Provide JWKS URL

Host your own JSON Web Key Set (JWKS) endpoint. Supertab Connect fetches your public keys from this URL.
1

Set Up Your JWKS Endpoint

Host a JWKS endpoint that returns your public keys in standard JWKS format:
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "kid": "my-key-id",
      "x": "...",
      "y": "..."
    }
  ]
}
The endpoint must be publicly accessible over HTTPS.
2

Register the JWKS URL

  1. Click Add new keyProvide JWKS URL
  2. Enter your JWKS endpoint URL (e.g., https://your-domain.com/.well-known/jwks.json)
  3. Click Save
Supertab Connect will fetch and cache your public keys from this URL.
Best for: Enterprise setups with centralized key management, or when you need to rotate keys without updating Supertab Connect.

Key Reference

ValueWhere to FindKeep Secret?
Client IDSystem Details pageNo
Key ID (kid)System Details → Keys sectionNo
Private KeyShown once at generation (Option 1) or your local file (Option 2/3)Yes

Next Steps

Now that you have a System and keys, you’re ready to access licensed content:

Accessing Content

Generate license tokens and make authenticated requests