The confirmation that the device is that device is authenticated on the obnizCloud side by key authentication using the secret key stored inside.
Key Pair
Device authentication is done by key authentication of a key pair. The pair is always stored in the following location.
- Private key: device (or in the cloud depending on the generation method)
- Public key: Cloud
There are multiple methods for key generation and registration.
| Type | Description |
|---|---|
| In-device generation | Generated in the device, and the public key is sent to the cloud for registration |
| Generated in obniz-cli | Generated inside obnic-cli, the public key is sent to the cloud, and the private key is sent to the device as a device key from the Console. |
| Cloud generated | Generated in the cloud and downloaded as a string called device key. |
Only in the case of "cloud generation", both the public key and the private key will exist in the cloud.
We recommend users to use obniz-cli for device creation.