Application access management
For your application to access Pelion Device Management services, you need to:
- Create an application.
- Configure the application's access method.
- The subscriptions and notification channel are application specific. Devices are available for all applications in the account.
- An application can have multiple access keys. This enables new key to be deployed without downtime. You create new keys, deploy them and then delete old ones.
Tip: With a commercial account, you can have up to 25 applications at a time, instead of four. See Choosing your account type for more information about the other benefits of commercial accounts and how to upgrade a free account to a commercial account.
Creating an application
First, you must create a application in Pelion Device Management.
In Portal: Creating an application
Go to Access Management > Applications.
Click New Application.
The Create Application pop-up opens.
Give the application an easily recognizable name. The name must be unique.
Give a description for the new application.
Choose a group the new application will be associated with.
Click Create application.
Using the API: Creating an application
/v3/applications endpoint to create a new application.
You can only perform this action if you authenticate it with an administrator's access key. You must already have at least one key with administrator rights before you can use the APIs to create any other keys.
Choosing the type of key for application access
An application can connect to Pelion Device Management with either:
Both types of key give the application access to the Pelion Device Management REST APIs. The differences between the two key types are who generates the key and how Pelion Device Management verifies the key:
|Key type||Generated by||Verified when Pelion Device Management|
|Access key||Pelion Device Management||Checks the key's secret, which is hashed and stored on the server like a password|
|JWT key||You||Checks the key's signature with the verification key (public certificate) stored on the server|