Bootstrap credentials
Also known as a birth credential, a bootstrap credential is assigned to a device during manufacturing and remains intact for the device's lifespan.
This credential allows the device to authenticate with Device Trust Manager via the following methods:
Authentication method | Description |
---|---|
Certificates | This certificate may be referred to as a birth certificate or a bootstrap certificate. For added security, the certificate's private key should be stored in a trusted platform module (TPM), secure element, or a trusted execution environment (TEE). To learn more about certificates, see Certificate management. |
Passcodes | NoteThis feature will be accessible in a future release. A passcode is a series of alphanumeric values, with optional usage restrictions or unlimited usage. This authentication method is suitable for legacy devices or for devices with less strict security requirements. Notex.509 certificates provide more secure authentication and should be used when possible. |