Devices in Cloud Identity Plane
This article explains the device concept within Cloud Identity Plane.
Concept of the device
The device refers to the means by which a user accesses the system; this is typically a web browser (for example, on a laptop) or a smart phone. Devices in CIP are used for authentication and access to applications.
Capture and store devices
Each device is associated with a user. A device is uniquely referenced by the universally unique identifier (UUID). The device information and its relationship with a user is typically captured and stored on numerous occasions, such as authentication, password reset, and user creation.
Management offload
Devices are much more numerous than users, while the structure of device information is diverse with a plethora of device types on the market. Included support of flexible device info structures, horizontal scalability and support of stores capable to store billions of entries enables you to focus on a higher level logic. Included retention policies to remove devices when not used keep your dataset size as small as possible.
Recognition process
After a device is registered to a user, device-recognition uses various device parameters (such as mobile phone type, platform name, and version) and tokens stored on the device. It’s all stored along with the creation timestamps and history to determine if future system accesses by this user are made from the same device or a different device. That way you’re offloaded from handling this process yourself. All you may want to do is to adjust this process using microservice configuration.
Associate devices with users
The association of the device with a user can be achieved through CIP User Metadata Microservice, which is capable of storing various associations between IAM objects. In this case, it stores the information that connects a user with a device, such as the last authentication timestamp with that device or a credential used to pair the user with the device.
Sample device information
Device information obtained from CIP can look as follows:
{
"type":"android",
"platform":{
"name":"android",
"version":"4.1"
},
"build":{
"board":"Unknown",
"cpuAbi":"Armeabi",
"device":"Generic",
"host":"Android-Test-26.Mtv. Corp.Google.Com",
"manufacturer":"Unknown",
"model":"Sdk",
"product":"Sdk",
"type":"Eng",
"user":"Android-Build",
"fingerprint":"Generic/Sdk/ Generic:2.3.3/Gri3",
"bootloader":"Unknown",
"serial":"Unknown"
},
"imei":"234234234234234",
"imsi":"89014103211118510720",
"androidId":"8fbec65a6c93766e",
"mac":"AA:BB:CC:DD:EE:FF",
"bluetoothAddress":"aa4433ssdd22"
}