Authentication
Authentication in Device Trust Manager is handled through two main methods, each designed to ensure secure and controlled access to the REST APIs.
Authentication method | Description |
|---|---|
API token | Used for programmatic access and commonly applied in automation and service-to-service communication. Tokens are often scoped and should be rotated regularly for security. |
Authentication certificate | Provides a higher level of security and is typically used when stronger authentication, such as mutual authentication or handling sensitive data, is required. |
Management API
Device Trust Manager Management API provides the ability to perform administrative tasks—such as creating divisions, managing certificate policies, and organizing users and device groups. Authentication with Device Trust Manager Management API supports using both API tokens and authentication certificates.
Certificate Issuance API
Certificates can be issued and renewed using Device Trust Manager Certificate Issuance API. Devices can use Certificate Issuance API to obtain and manage certificates using the following protocols:
EST
SCEP
CMPv2
ACME
REST
Authentication with Device Trust Manager Certificate Issuance API supports using both passcodes and authentication certificates.
Aviso
Passcodes are typically used when short-term, single-use authentication is needed, such as for device-specific tasks like certificate issuance.