Clarifying Device Terminology
Many terms about devices are used interchangeably, leading to confusion, unclear decisions, the wrong teams being involved in the wrong workflow discussions, and more. This brief document clarifies the boundaries of different domains related to devices:
- Device Identity
- Device Provisioning
- Device Licensing
- Device Authorization
- Device Management
Device Identity
The term device identity is limited to identity and authentication workflows related to devices. There are two key terms under the umbrella of device identity:
- Device authentication: the process of verifying that a device is what it says it is
- Device identity: the ability to uniquely identify a device using a unique identifier
At Trimble, device authentication is a function of Trimble Identity.[1] Trimble Identity uses mutual TLS (mTLS[2]) to authenticate devices. Authentication ensures that a device is what it says it is. Device identity does not include device licensing. For more information, see Device Licensing.
Device Provisioning
Device provisioning is an API-driven workflow that creates a device identity and mints an mTLS certificate. It also allows metadata to be associated with a device during the provisioning process.[3][4] Creating a certificate and associating metadata are optional in the device provisioning workflow.
Device provisioning refers to the API capabilities only, with the user interfaces that utilize these APIs being covered under Device Management. Device provisioning can be utilized in various parts of a device’s lifecycle, including at the manufacturing plant, in the distribution center, at a dealership, or by a customer themselves.
Device Licensing
Device licensing is separate from device identity and device provisioning. Device licensing is the ability to associate a device with a license. In the scope of this document, we are again referring to the API capability, not the UI/UX where a user undertakes this action.
Device licensing is currently planned for implementation in Trimble’s Entitlement Management System (EMS v4) in early 2024. Device licensing will associate product licenses with devices’ unique identifiers.[5]
Device Authorization
Device authorization may refer either to which people or things can take actions on the device, or to which actions the device itself can take on data and resources.
Device Management
Device Management refers to a user interface where a device administrator or other persona can manage device attributes, device data, and device relationships. Device management might include things such as, “What users are assigned to the device?”, “What truck or site is the device on?”, etc. Device management uses many of the above capabilities to realize these workflows.
Footnotes
[1] Refer to the Device Authentication documentation.
[2] Using mTLS, a device can use its device certificate to get an access token from Trimble Identity.
[3] These steps are outlined in the Create a Device Identity documentation.
[4] Device attributes can be populated against the data model described in the API Definitions documentation.
[5] A device unique identifier is created at the time of Device Provisioning. This identifier uniquely identifies a device across the entire Trimble platform.