Security

When devices are registered or CPID (Comapny ID) is generated, the authentication token is salted and hashed. This means your company’s credentials can never be recovered from our systems.

You must do this because the certificate contains what is called the “CName”. For example, www.abc.com. A common name can also be an IP address. The common name must match whatever you put into the browser’s URL box. If you put an IP address in the browser’s URL box, the certificate must then have a common name that matches. If you try to reuse one certificate it will fail because to talk to different devices, you must use different names or addresses and the common name in the certificate will not match.

The browser-based GUI and REST APIs are fronted by HTTPS, with a certificate signed by one of top most SSL providers in the world, so you can trust that you’re connecting to the genuine IoT Platform. Using the REST API requires a Solution Key and basic token. Further you can use this to make authenticate REST API calls against your company.

General

IoTConnect

Security

How do we secure your device and application credentials?

Why can’t I use one certificate for all my devices, why must I have a different certificate for every single device?

How do we secure IoT information management within your company?