Skip to main content

Authentication

Authentication in Device Trust Manager is handled through two main methods, each designed to ensure secure and controlled access to the REST APIs.

1. REST API authentication methods

Authentication method

Description

API token

Used for programmatic access and commonly applied in automation and service-to-service communication. Tokens are often scoped and should be rotated regularly for security.

Authentication certificate

Provides a higher level of security and is typically used when stronger authentication, such as mutual authentication or handling sensitive data, is required.


Management API

Device Trust Manager Management API provides the ability to perform administrative tasks—such as creating divisions, managing certificate policies, and organizing users and device groups. Authentication with Device Trust Manager Management API supports using both API tokens and authentication certificates.

Certificate Issuance API

Certificates can be issued and renewed using Device Trust Manager Certificate Issuance API. Devices can use Certificate Issuance API to obtain and manage certificates using the following protocols:

  • EST

  • SCEP

  • CMPv2

  • ACME

  • REST

Authentication with Device Trust Manager Certificate Issuance API supports using both passcodes and authentication certificates.

注記

Passcodes are typically used when short-term, single-use authentication is needed, such as for device-specific tasks like certificate issuance.