Skip to main content

Device

Note

Devices must be registered in Device Trust Manager to enable monitoring, updates, policy enforcement, and fleet management. Registration is required for all devices to be securely managed throughout their lifecycle.

Device properties

Each device includes several key properties that are used for identification and management.

Table 1. Device properties

Property

Description

Device ID

A unique identifier assigned to each device.

Device group ID

Unique identifier of the associated device group. Every device must be assigned to one device group at registration.

Key/value attributes

Attributes in the form of key/value pairs that provide additional identification or metadata for the device. These can be used to search, filter, or trigger actions.


Device attributes

Attributes are key/value pairs that represent various properties of a device, such as its MAC address, operating system, or location. These attributes allow devices to be identified, organized, and managed.

Device registration

Devices can be registered individually or in batches using a CSV template, with batch registrations processed as jobs. During registration, attributes and device group assignment are specified, ensuring that each device is properly categorized and managed.

Table 2. Device registration methods

Registration method

Description

Single device

Devices can be manually registered one by one in Device Trust Manager. Devices can also be registered using EST, SCEP, or CMPv2.

Many devices

Many devices can be registered at once using a CSV file that defines the device properties, including key/value pairs and group assignment.


Tip

You can also register a single device or many devices using Device Trust Manager Management REST API.

Device groups

Devices must be both registered and associated with a device group to be managed. A device cannot exist outside of a device group. Grouping allows policies, updates, and configurations to be applied to multiple devices at once. See Device group for more details.

Device lifecycle states

Devices are tracked and managed through various states and statuses that provide insight into their lifecycle and operational status. These states help identify a device’s registration progress, connection health, and ability to interact with Device Trust Manager.

Table 3. Connection statuses

Connection status

Description

Connected

Device is currently connected to the Rendezvous Service via MQTT.

Not connected

Device is not connected. The device log shows the timestamp of the last connection.


Table 4. Device states

Device state

Description

Registered

Device has obtained its bootstrap credentials and is able to authentication with the Rendezvous Service.

Provisioned

Device has completed the provisioning process and has applied all assigned policies.

Enrolled

Device identity is registered, but the device has not yet received a bootstrap certificate.

Deleted

Device has been deleted and its identity and records removed from Device Trust Manager.


Table 5. Device statuses

Device status

Enabled

Default state for devices in the Registered or Provisioned state unless manually disabled.

Disabled

Device is disabled from connecting to Device Trust Manager and prevented from reconnecting until it is manually re-enabled.