Device Authorisation Flow
- Enables authorisation of devices with limited input capabilities
- Device code is valid for 10 mins after being generated
Device Access OAuth 2.0 Flows
The flows in this section can be used for scenarios where integration is required with an IOT device which may not provide a full browser supporting another OAuth flow.
Flows covered are summarised below:
Asset Token Flow
- Actor token is a signed JWT including information about device (e.g. name, serial number, contact or account to link to in Salesforce)
- Device uses asset token to authenticate to a backend service
- Proof of key possession can be used to provide additional security for API calls - this can be implemented by signing the actor token with the device private key, and binding device public key to asset token in later API requests
- Asset token can be exchanged for an OAuth access token issued by the device backend for more efficient exchange if multiple calls are required
- AssetTokenEvent subscription includes information from the actor token and can be useful for initiating processes from actor token registration, for example automatically raising a case