Device-Certificate Creation
After a device is created in IAM, there are two ways to generate its operational certificate, enabling devices to use mTLS to authenticate with TID and obtain an identity token.
- Applications can use the Device Cert API to associate a certificate to a device.
- Devices can generate their own certificate using the Bootstrap API. This is the recommended approach
Use Cases
- Setting up a certificate for the first time so that devices can obtain license
- Renewing a certificate when the existing certificate has expired or is about to expire
- Revoking a certificate in the event of a security breach