Submit an authentication request

POST 
/api/devices/v1/authentication/auth_requests

The device presents its unique identity data and public key, and signs the request with its private key. If the request is valid and the device is known to the system, a valid JWT authentication token is issued.

Unless the device is pre-authorized, the very first authentication request from a device will always result in a 'HTTP 401 Unauthorized' response. At the same time, the identity data is recorded for later inspection by the user, who can then explicitly accept or reject the device via the web GUI. A subsequent authentication request will reflect this decision.

Note that when the JWT expires, the device must renew the JWT by sending a new authentication request.

Request

Responses

200

Authentication successful - a new JWT is issued and returned.

400

Invalid Request.

401

Unauthorized.

403

The device authentication is forbidden. See the error message for details.

500

Internal Server Error.

503

Service is unavailable.