
Discussion around the new platform IoT guide that was introduced in Q2 2017 - https://backstage.forgerock.com/docs/platform/5/iot-guide/

  • What are smart devices? Discussion around smart versus constrained devices, based on the IETF Access for Constrained Environments working group
    • Smart device - HTTPS comms, basic UI, limited input, memory and OS limited, but likely a *nix, secure storage of tokens/keys
    • Constrained device - offline, non-HTTPS (aka MQTT/CoAP) comms, no key, no UI, requires broker
  • Discussion around lifecycle of devices
    • device creation
    • device authentication for cloud "call home"
    • user creation via self service
    • pairing of device to user identity
    • issuance of token material
    • revocation of issued tokens
    • use of UMA to share device generated data
  • Device creation
    • generally done via manufacturer or trusted partner
    • schema definition
    • create device instance via IDM due to flexible object model
    • store device profile in DJ
  • When the device switches on, it performs the "call home" use case
    • wants to access cloud API to get firmware updates, software updates, config
    • API protected via IG/throttling
    • requires basic device authentication
    • most common approach is to use PKI/X.509 certificates via AM's out-of-the-box authentication module
  • User registration
    • standard self service
    • out of band using web/tablet
  • Pair device to identity

