diff --git a/services/tunnelbroker/src/Constants.h b/services/tunnelbroker/src/Constants.h
index 35461a417..2ee2b8d5c 100644
--- a/services/tunnelbroker/src/Constants.h
+++ b/services/tunnelbroker/src/Constants.h
@@ -1,65 +1,67 @@
 #pragma once
 
 #include <cstdlib>
 #include <regex>
 #include <string>
 
 namespace comm {
 namespace network {
 
 // AWS DynamoDB
 const size_t DYNAMODB_MAX_BATCH_ITEMS = 25;
 const size_t DYNAMODB_BACKOFF_FIRST_RETRY_DELAY = 50;
 const size_t DYNAMODB_MAX_BACKOFF_TIME = 10000; // 10 seconds
 
 const std::string DEVICE_SESSIONS_TABLE_NAME = "tunnelbroker-device-sessions";
 const std::string DEVICE_SESSIONS_VERIFICATION_MESSAGES_TABLE_NAME =
     "tunnelbroker-verification-messages";
 const std::string DEVICE_PUBLIC_KEY_TABLE_NAME = "tunnelbroker-public-keys";
 const std::string MESSAGES_TABLE_NAME = "tunnelbroker-messages";
 
 // Sessions
 const size_t SIGNATURE_REQUEST_LENGTH = 64;
 const size_t SESSION_ID_LENGTH = 64;
 const size_t SESSION_RECORD_TTL = 30 * 24 * 3600; // 30 days
 const size_t SESSION_SIGN_RECORD_TTL = 24 * 3600; // 24 hours
 const std::regex SESSION_ID_FORMAT_REGEX(
     "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}");
 
 // AMQP (RabbitMQ)
 const std::string AMQP_FANOUT_EXCHANGE_NAME = "allBrokers";
 // Message broker queue message TTL
 const size_t AMQP_MESSAGE_TTL = 300 * 1000; // 5 min
 // queue TTL in case of no consumers (tunnelbroker is down)
 const size_t AMQP_QUEUE_TTL = 24 * 3600 * 1000; // 24 hours
 // routing message headers name
 const std::string AMQP_HEADER_FROM_DEVICEID = "fromDeviceID";
 const std::string AMQP_HEADER_TO_DEVICEID = "toDeviceID";
 const std::string AMQP_HEADER_MESSAGEID = "messageID";
 
 const size_t AMQP_RECONNECT_ATTEMPT_INTERVAL_MS = 3000;
 const size_t AMQP_RECONNECT_MAX_ATTEMPTS = 10;
 
 // DeviceID
 // DEVICEID_CHAR_LENGTH has to be kept in sync with deviceIDCharLength
 // which is defined in web/utils/device-id.js
 const size_t DEVICEID_CHAR_LENGTH = 64;
+// DEVICEID_FORMAT_REGEX has to be kept in sync with deviceIDFormatRegex
+// which is defined in web/utils/device-id.js
 const std::regex DEVICEID_FORMAT_REGEX(
     "^(ks|mobile|web):[a-zA-Z0-9]{" + std::to_string(DEVICEID_CHAR_LENGTH) +
     "}$");
 
 // Config
 const std::string CONFIG_FILE_DIRECTORY_ENV_VARIABLE =
     "TUNNELBROKER_CONFIG_FILE_DIRECTORY";
 const std::string DEFAULT_CONFIG_FILE_DIRECTORY =
     std::string(std::getenv("HOME")) + "/tunnelbroker";
 const std::string CONFIG_FILE_NAME = "tunnelbroker.ini";
 const std::string SANDBOX_CONFIG_FILE_NAME = "tunnelbroker-sandbox.ini";
 
 // DeliveryBroker
 const size_t DELIVERY_BROKER_MAX_QUEUE_SIZE = 100;
 // Database messages TTL
 const size_t MESSAGE_RECORD_TTL = 300 * 24 * 60 * 60; // 300 days
 
 } // namespace network
 } // namespace comm
diff --git a/web/redux/device-id-reducer.js b/web/redux/device-id-reducer.js
index d0bbd40fb..bef6b6279 100644
--- a/web/redux/device-id-reducer.js
+++ b/web/redux/device-id-reducer.js
@@ -1,19 +1,15 @@
 // @flow
 
 import type { Action } from '../redux/redux-setup';
-import { deviceIDCharLength } from '../utils//device-id';
+import { deviceIDFormatRegex } from '../utils/device-id';
 import { setDeviceIDActionType } from './action-types';
 
-const deviceIDRegex = new RegExp(
-  `^(ks|mobile|web):[a-zA-Z0-9]{${deviceIDCharLength.toString()}}$`,
-);
-
 export function reduceDeviceID(state: ?string, action: Action): ?string {
   if (action.type === setDeviceIDActionType) {
-    if (action.payload?.match(deviceIDRegex)) {
+    if (action.payload?.match(deviceIDFormatRegex)) {
       return action.payload;
     }
     return null;
   }
   return state;
 }
diff --git a/web/utils/device-id.js b/web/utils/device-id.js
index cfdbd6036..ddac03aec 100644
--- a/web/utils/device-id.js
+++ b/web/utils/device-id.js
@@ -1,33 +1,43 @@
 // @flow
 
 import invariant from 'invariant';
 
 import { generateRandomString } from './text-utils';
 
 const deviceIDTypes = Object.freeze({
   KEYSERVER: 0,
   WEB: 1,
   MOBILE: 2,
 });
 type DeviceIDType = $Values<typeof deviceIDTypes>;
 
 const alphanumeric =
   '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
 // deviceIDCharLength has to be kept in sync with DEVICEID_CHAR_LENGTH
 // which is defined in services/tunnelbroker/src/Constants.h
 const deviceIDCharLength = 64;
+// deviceIDFormatRegex has to be kept in sync with DEVICEID_FORMAT_REGEX
+// which is defined in services/tunnelbroker/src/Constants.h
+const deviceIDFormatRegex: RegExp = new RegExp(
+  `^(ks|mobile|web):[a-zA-Z0-9]{${deviceIDCharLength.toString()}}$`,
+);
 
 function generateDeviceID(type: DeviceIDType): string {
   const suffix = generateRandomString(deviceIDCharLength, alphanumeric);
 
   if (type === deviceIDTypes.KEYSERVER) {
     return `ks:${suffix}`;
   } else if (type === deviceIDTypes.WEB) {
     return `web:${suffix}`;
   } else if (type === deviceIDTypes.MOBILE) {
     return `mobile:${suffix}`;
   }
   invariant(false, `Unhandled device type ${type}`);
 }
 
-export { generateDeviceID, deviceIDCharLength, deviceIDTypes };
+export {
+  generateDeviceID,
+  deviceIDCharLength,
+  deviceIDTypes,
+  deviceIDFormatRegex,
+};
diff --git a/web/utils/device-id.test.js b/web/utils/device-id.test.js
index 2eed6028b..589552d98 100644
--- a/web/utils/device-id.test.js
+++ b/web/utils/device-id.test.js
@@ -1,66 +1,68 @@
 // @flow
 
 import {
   generateDeviceID,
   deviceIDCharLength,
   deviceIDTypes,
+  deviceIDFormatRegex,
 } from './device-id';
 
 describe('generateDeviceID', () => {
-  const baseRegExp = new RegExp(
-    `^(ks|mobile|web):[a-zA-Z0-9]{${deviceIDCharLength.toString()}}$`,
-  );
   it(
     'passed deviceIDTypes.KEYSERVER retruns a randomly generated string, ' +
       'subject to ^(ks|mobile|web):[a-zA-Z0-9]{DEVICEID_CHAR_LENGTH}$',
     () => {
-      expect(generateDeviceID(deviceIDTypes.KEYSERVER)).toMatch(baseRegExp);
+      expect(generateDeviceID(deviceIDTypes.KEYSERVER)).toMatch(
+        deviceIDFormatRegex,
+      );
     },
   );
 
   it(
     'passed deviceIDTypes.WEB retruns a randomly generated string, ' +
       'subject to ^(ks|mobile|web):[a-zA-Z0-9]{DEVICEID_CHAR_LENGTH}$',
     () => {
-      expect(generateDeviceID(deviceIDTypes.WEB)).toMatch(baseRegExp);
+      expect(generateDeviceID(deviceIDTypes.WEB)).toMatch(deviceIDFormatRegex);
     },
   );
 
   it(
     'passed deviceIDTypes.MOBILE retruns a randomly generated string, ' +
       'subject to ^(ks|mobile|web):[a-zA-Z0-9]{DEVICEID_CHAR_LENGTH}$',
     () => {
-      expect(generateDeviceID(deviceIDTypes.MOBILE)).toMatch(baseRegExp);
+      expect(generateDeviceID(deviceIDTypes.MOBILE)).toMatch(
+        deviceIDFormatRegex,
+      );
     },
   );
 
   it(
     'passed deviceIDTypes.KEYSERVER retruns a randomly generated string, ' +
       'subject to ^(ks):[a-zA-Z0-9]{DEVICEID_CHAR_LENGTH}$',
     () => {
       expect(generateDeviceID(deviceIDTypes.KEYSERVER)).toMatch(
         new RegExp(`^(ks):[a-zA-Z0-9]{${deviceIDCharLength.toString()}}$`),
       );
     },
   );
 
   it(
     'passed deviceIDTypes.WEB retruns a randomly generated string, ' +
       'subject to ^(web):[a-zA-Z0-9]{DEVICEID_CHAR_LENGTH}$',
     () => {
       expect(generateDeviceID(deviceIDTypes.WEB)).toMatch(
         new RegExp(`^(web):[a-zA-Z0-9]{${deviceIDCharLength.toString()}}$`),
       );
     },
   );
 
   it(
     'passed deviceIDTypes.MOBILE retruns a randomly generated string, ' +
       'subject to ^(mobile):[a-zA-Z0-9]{DEVICEID_CHAR_LENGTH}$',
     () => {
       expect(generateDeviceID(deviceIDTypes.MOBILE)).toMatch(
         new RegExp(`^(mobile):[a-zA-Z0-9]{${deviceIDCharLength.toString()}}$`),
       );
     },
   );
 });