When growing from dozens to hundreds or thousands of devices, it becomes paramount to think about security at scale. While using your account's token is practical for quick prototypes, using it for several devices would be as insecure as having the same password for all of your online services (email, social media, banking, etc.).

Organizational tokens already provides a first layer of security by allowing you to create tokens for specific sets of devices, segmented by organizations. But the most secure way to deploy your devices at scale is by using individual token(s) per Device.

Requirements

Table of Contents

  1. What are Device Tokens?
  2. Creating Device Tokens using Ubidots Web Interface
  3. Creating Device Tokens using the API
  4. Managing your Device Tokens
  5. Exporting your Device Tokens for Device Manufacturing

1) What are Device Tokens?

A Token is a unique key that authorizes your device to interact with Ubidots API. A Device Token is a unique key that is linked to a single device within Ubidots data base, with either one or both of the following permissions:

  • Send data: Publish to, or make POST requests to send data to the device.
  • Retrieve data: Subscribe to, or make GET requests to retrieve device data.

Device tokens cannot be used to create, edit or delete devices or variables.
To perform these operations, please use an Organizational token, or an Account token.

2) Creating Device Tokens using Ubidots Web Interface

By default, every single device has a Device Token upon its creation. However, you can manually create additional Device Tokens for different purposes (Testing, development or just security reasons).

Please follow the below steps in order to create Device Tokens from the Ubidots Web Interface.

Step 1: Go to the Devices --> Devices section from the upper NavBar.
Step 2: Select the device.
Step 3: From the Device options, click on the "Manage Device tokens" button.

Step 4: A drawer will slide from the right. Please click on "+ Add new token" button.
Step 5: Assign a name for the Device Token and choose either one or both of the available permissions.
Step 6: Click on the green check mark button to confirm.

3) Creating Device Tokens using Ubidots API

Device Tokens can also be created by executing a POST request to our API. To this, the device must exist in Ubidots as this method uses the Device ID.
The following are the POST request specifications.

HTTP method: POST
Host: https://industrial.api.ubidots.com
URL endpoint: /api/v1.6/datasources/DEVICE_ID/tokens/
Headers: 'X-Auth-Token: Your Ubidots Account Token'
JSON Body:

{
  "name": "post_token",
  "permissions": [{
    "codename": "add_value",
    "enabled": true
  }, {
    "codename": "view_value",
    "enabled": false}]
}

Where:

  • name: The name of the Device Token.
  • permissions: List of permissions you want to grant for the Device Token.
  • codename: Code name of individual permissions. The following are the available:
    - "add_value": Grants permission to publish to, or make POST requests to send data to the device.
    - “view_value”: Grants permission to subscribe to, or make GET requests to retrieve device data.
  • enabled: Whether or not you like to enable the permission.

Please note that the Device Token creation request must be made using an Account Token.

4) Managing your existing Device Tokens


Once your Device Tokens have been created, you can manage them from the Ubidots Web Interface in order to see, copy, edit or delete them. To do so, please follow the below steps.

Step 1: Go to the Devices --> Devices section from the upper NavBar.
Step 2: Select the device.
Step 3: From the Device options, click on the "Manage Device tokens" button.

Step 4: A drawer will slide from the right showing your existing tokens and their names. Just in front of them there are the following options:

  • Hide/Unhide: Let's you hide or unhide your token for more security.
  • Edit: Edit the Device token name and its permissions.
  • Delete: Delete the selected Device Token.

PRO TIP: When the Device Token is unhidden, click on it to copy to the clipboard.

5) Exporting your Device Tokens for Device Manufacturing

Once your firmware and IoT Device designs are working as expected, you may want to look for an effective way to share the Device Tokens with your manufacturer. Check out these resources about device types and how to manage devices in bulk: 

Other users also found useful...

Did this answer your question?