Devices would be authenticated by the adapters before processing the incoming messages. Is there any way to authorize the Devices as well? i.e, to allow only a specific set of Devices to publish to a specific topic and prevent other devices from interfering?
Asked
Active
Viewed 23 times
1 Answers
1
There is no way to further restrict the endpoints that devices are allowed to publish to. However, the protocol adapters only expose a limited set of endpoints (URIs, topics, addresses) that devices can interact with. Once a device is authenticated,it can publish telemetry data and events and receive commands directed to the device. All data produced by devices are scoped to the tenant that the devices belong to. Downstream applications are authorized at the tenant level, i.e. they can only consume data that has been produced by devices belonging to the tenant(s) they are authorized for.
Based on that, you can partition your devices into multiple tenants in order to make sure that they never interfere with each other.
Kai Hudalla
- 826
- 1
- 5
- 7