When growing from dozens to hundreds or thousands of devices, it becomes paramount to think about security at scale. While using your account's token is practical for quick prototypes, using it for several devices would be as insecure as having the same password for all of your online services (email, social media, banking, etc.).
Organizational tokens already provides a first layer of security by allowing you to create tokens for specific sets of devices, segmented by organizations. But the most secure way to deploy your devices at scale is by using individual token(s) per Device.
Requirements
An active Ubidots license (IoT Entrepreneur and above).
Table of Contents
1) What are Device Tokens?
A Token is a unique key that authorizes your device to interact with Ubidots API. A Device Token is a unique key that is linked to a single device within Ubidots data base, with either one or both of the following permissions:
Send data: Publish to, or make POST requests to send data to the device.
Retrieve data: Subscribe to, or make GET requests to retrieve device data.
Device tokens cannot be used to create, edit or delete devices or variables.
To perform these operations, please use an Organizational token, or an Account token.
2) Creating Device Tokens using Ubidots Web Interface
By default, every single device has a Device Token upon its creation. However, you can manually create additional Device Tokens for different purposes (Testing, development or just security reasons).
Please follow the below steps in order to create Device Tokens from the Ubidots Web Interface.
Step 1: Go to the Devices --> Devices section from the upper NavBar.
Step 2: Select the device.
Step 3: From the Device options, click on the "Manage Device tokens" button.
Step 4: A drawer will slide from the right. Please click on "+ Add new token" button.
Step 5: Assign a name for the Device Token and choose either one or both of the available permissions, or leave it in blank to not grant any permission.
Step 6: Click on the green check mark button to confirm.
3) Managing your existing Device Tokens
Once your Device Tokens have been created, you can manage them from the Ubidots Web Interface in order to see, copy, edit or delete them. To do so, please follow the below steps.
Step 1: Go to the Devices --> Devices section from the upper NavBar.
Step 2: Select the device.
Step 3: From the Device options, click on the "Manage Device tokens" button.
Step 4: A drawer will slide from the right showing your existing tokens and their names. Just in front of them there are the following options:
Hide/Unhide: Let's you hide or unhide your token for more security.
Edit: Edit the Device token name and its permissions.
Delete: Delete the selected Device Token.
PRO TIP: When the Device Token is unhidden, click on it to copy to the clipboard.
4) Exporting your Device Tokens for Device Manufacturing
Once your firmware and IoT Device designs are working as expected, you may want to look for an effective way to share the Device Tokens with your manufacturer. Check out these resources about device types and how to manage devices in bulk: