Skip to content

Device-Certificate Creation

After a device is created in IAM, there are two ways to generate its operational certificate, enabling devices to use mTLS to authenticate with TID and obtain an identity token.

  1. Applications can use the Device Cert API to associate a certificate to a device.
  2. Devices can generate their own certificate using the Bootstrap API. This is the recommended approach

Use Cases

  • Setting up a certificate for the first time so that devices can obtain license
  • Renewing a certificate when the existing certificate has expired or is about to expire
  • Revoking a certificate in the event of a security breach