Device access to the API
Use an existing certpack to gain access to the API
Generally speaking, devices don't have access to the API and nor should they. Devices live in potentially unprotected locations and should not have any permissions to do anything other than log data to the cloud.
However, there are some circumstances where you do want a device to access the API and it's easier to grant access to the device than to attempt to manage an API token.
Permissions
To give a device access to the API, browse to Admin -> Access -> API Tokens tab.
In this tab, select NEW DEVICE TOKEN
Select the target device that you want to be able to access the API
OPTIONAL - select the device group, that is, the other devices you want the target device to be able to see/access
Select the desired permissions
Click INVITE
Update permissions
Unlike API tokens, the permissions granted to a devices can be updated. Click EDIT to make the changes.
Remove/revoke access
To remove access to the API, click the dropdown arrow next to the EDIT button and select REVOKE.
Authentication
Authentication is handled using the webauthn
standard. The device's private key is used to sign a random "challenge" token and, if successful, a new token is issued with a 10 hour expiry. For more details, or for example code, please contact your account manager.
Last updated