diff --git a/docs/infrastructure_and_maintenance/security/development_security.md b/docs/infrastructure_and_maintenance/security/development_security.md
index e328bb94fe..d4f12df25e 100644
--- a/docs/infrastructure_and_maintenance/security/development_security.md
+++ b/docs/infrastructure_and_maintenance/security/development_security.md
@@ -145,3 +145,17 @@ security:
                 entry_point: lexik_jwt_authentication.jwt_token_authenticator
             stateless: true
 ```
+
+Finish the setup by generating a [PEM encoded key pair](https://symfony.com/bundles/LexikJWTAuthenticationBundle/2.x/index.html#generate-the-ssl-keys) by using the command:
+
+```bash
+php bin/console lexik:jwt:generate-keypair
+```
+
+The generated key pair will be stored in the `config/jwt`directory.
+
+!!! note "[[= product_name_cloud =]]"
+
+    To generate and store the tokens on [[= product_name_cloud =]], define the `config/jwt` directory as a volume in the `.platform.app.yaml` file. 
+    In 3-node cluster setups, ensure that the key pair is the same on all 3 servers. 
+    You can use a network share, or use a local mount and manually copy the key pair between the servers.