Versions Compared

Old Version 3

changes.mady.by.user Aaron Allsbrook

Saved on

compared with

New Version Current

changes.mady.by.user Jeff Slavin (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note

This documentation is still in development - use at your own risk

Before they can use Cloud IoT Core, non-Non-gateway devices must be authenticated to Cloud ClearBlade IoT Core through the gateway. After the devices are authenticated, the gateway can perform various tasks on behalf of the devices' behalf.

The method that a gateway can use to authenticate a device to Cloud ClearBlade IoT Core depends on whether you're using the MQTT bridge or the HTTP bridge.

Authenticating over the MQTT bridge

If you're using the MQTT bridge, you You can select an authentication method when you create the gateway. Choose one of the following:

  • Association only: The least secure method, it delegates device authentication to the gateway. When the device attaches to the gateway, Cloud ClearBlade IoT Core checks whether or not the device is associated with , or bound to , the gateway. If the device is bound, it's then authorized to communicate with Cloud ClearBlade IoT Core through the gateway. This method is useful when the device can't store and send its own JWT or when the device uses a different authentication method other than JWT.

  • Device credential only: The gateway sends the device's JWT or generates and sends a JWT on the device's behalf. Because this method associates a JWT with the device, the device isn't required to be bound to the gateway. Use this method when you want devices to switch to a different gateway based on proximity or other factors , or when the devices can generate their own JWTs but aren't capable of connecting can’t connect to the internet.

  • Both association Association and device credential: The most secure method. When a bound device attaches to the gateway, Cloud ClearBlade IoT Core authenticates it by checking the gateway's JWT, the device's JWT, and whether or not the device is associated with , or bound to , the gateway.

See Using Gateways gateways with the MQTT Bridgebridge for more details.

Authenticating over the HTTP bridge

If you're using the HTTP bridge, you You must bind the device to the gateway and then supply the JWT of either the device or the gateway JWT in every HTTP request. Cloud ClearBlade IoT Core checks both the bound device's association with the gateway and the supplied JWT to authenticate the device. This provides a similar security level of security as when you use the MQTT bridge to send both the association and the device's JWT for authentication.

See Using Gateways gateways with the HTTP Bridgebridge for more details.