ibexa · vidarl · Jul 4, 2025 · mnocon · Jul 9, 2025 · mnocon
diff --git a/docs/infrastructure_and_maintenance/security/development_security.md b/docs/infrastructure_and_maintenance/security/development_security.md
@@ -145,3 +145,18 @@
                 entry_point: lexik_jwt_authentication.jwt_token_authenticator
             stateless: true
 ```
+
+In order for the application to be able to generate JWT tokens, a [PEM encoded keyset needs to be generated](https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html#generate-the-ssl-keys) using the command:
-In order for the application to be able to generate JWT tokens, a [PEM encoded keyset needs to be generated](https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html#generate-the-ssl-keys) using the command:
+Finish the setup by generating a [PEM encoded key pair](https://symfony.com/bundles/LexikJWTAuthenticationBundle/2.x/index.html#generate-the-ssl-keys) by using the command:
-In order for the application to be able to generate JWT tokens, a [PEM encoded keyset needs to be generated](https://symfony.com/bundles/LexikJWTAuthenticationBundle/current/index.html#generate-the-ssl-keys) using the command:
+Finish the setup by generating a [PEM encoded key pair](https://symfony.com/bundles/LexikJWTAuthenticationBundle/2.x/index.html#generate-the-ssl-keys) by using the command:
+
+```bash
+php bin/console lexik:jwt:generate-keypair
+```
+
+The generated key pair will be stored in `config/jwt`
-The generated key pair will be stored in `config/jwt`
+The generated key pair will be stored in the `config/jwt`directory.
-The generated key pair will be stored in `config/jwt`
+The generated key pair will be stored in the `config/jwt`directory.
+
+!!! note "[[= product_name_cloud =]]"
+
+    In order to be able to store generate and store the tokens on [[= product_name_cloud =]], you must define `config/jwt`
+    as a volume in `.platform.app.yaml`. If you have a 3-node-cluster setup, you must ensure the key pair is the same on all
+    3 servers. Either use a network share for this, or use local mount manually copy the same keu pair
+    to all servers
-    In order to be able to store generate and store the tokens on [[= product_name_cloud =]], you must define `config/jwt`
-    as a volume in `.platform.app.yaml`. If you have a 3-node-cluster setup, you must ensure the key pair is the same on all
-    3 servers. Either use a network share for this, or use local mount manually copy the same keu pair
-    to all servers
+    To generate and store the tokens on [[= product_name_cloud =]], define the `config/jwt` directory as a volume in the `.platform.app.yaml` file. 
+    In 3-node cluster setups, ensure that the key pair is the same on all 3 servers. 
+    You can use a network share, or use a local mount and manually copy the key pair between the servers.
-    In order to be able to store generate and store the tokens on [[= product_name_cloud =]], you must define `config/jwt`
-    as a volume in `.platform.app.yaml`. If you have a 3-node-cluster setup, you must ensure the key pair is the same on all
-    3 servers. Either use a network share for this, or use local mount manually copy the same keu pair
-    to all servers
+    To generate and store the tokens on [[= product_name_cloud =]], define the `config/jwt` directory as a volume in the `.platform.app.yaml` file. 
+    In 3-node cluster setups, ensure that the key pair is the same on all 3 servers. 
+    You can use a network share, or use a local mount and manually copy the key pair between the servers.