Authentication and authorization

You can integrate your solutions with the service package in two ways:

• Server-less - using the REST-like service APIs (e.g. Suite - Device Provisioning, Things HTTP API 2, Hub Device Registry etc.)

• Building an own backend and using for example a Java client that communicates to our services.

On all APIs the service package will protect its functionality and your data by using

• Authentication to make sure the requester is the one he states

• Authorization to make sure the requester is allowed to see, use or change the information he wants to access

• Identification of your solution whenever an API is called

The following sections explain who needs to authenticate in which scenario.

• Auth for service subscription

• Auth for subscription management

• Auth for device provisioning

• Auth for sending device data to the Hub

• Auth for forwarding device data from Hub to Things

• Auth for accessing data via Things

• Auth for messaging from Things to Hub to Device and back