Comment on page
Device access to the API
Use an existing certpack to gain access to the API
Generally speaking, devices don't have access to the API and nor should they. Devices live in potentially unprotected locations and should not have any permissions to do anything other than log data to the cloud.
However, there are some circumstances where you do want a device to access the API and it's easier to grant access to the device than to attempt to manage an API token.
To give a device access to the API, browse to Admin -> Access -> API Tokens tab.
In this tab, select NEW DEVICE TOKEN
New device token modal
- Select the target device that you want to be able to access the API
- OPTIONAL - select the device group, that is, the other devices you want the target device to be able to see/access
- Select the desired permissions
- Click INVITE
Unlike API tokens, the permissions granted to a devices can be updated. Click EDIT to make the changes.
To remove access to the API, click the dropdown arrow next to the EDIT button and select REVOKE.
Authentication is handled using the
webauthnstandard. The device's private key is used to sign a random "challenge" token and, if successful, a new token is issued with a 10 hour expiry. For more details, or for example code, please contact your account manager.