Devices in Cloudentity Identity

Purpose

This section explains the device concept as applicable to Cloudentity Identity.

Concept of the device

The device refers to the means by which a user accesses the system; this is typically a web browser (for example, on a laptop) or a smart phone. Devices in Cloudentity™ Identity are used for authentication and access to applications.

Capture and store devices

Each device is associated with a user. A device is uniquely referenced by the universally unique identifier (UUID). The device information and its relationship with a user is typically captured and stored on numerous occasions, such as authentication, password reset, and user creation.

Management offload

Devices are much more numerous than users, while the structure of device information is diverse with a plethora of device types on the market. Included support of flexible device info structures, horizontal scalability and support of stores capable to store billions of entries enables you to focus on a higher level logic. Included retention policies to remove devices when not used keep your dataset size as small as possible.

Recognition process

After a device is registered to a user, device-recognition uses various device parameters (such as mobile phone type, platform name, and version) and tokens stored on the device. It’s all stored along with the creation timestamps and history to determine if future system accesses by this user are made from the same device or a different device. That way you’re offloaded from handling this process yourself. All you may want to do is to adjust this process using microservice configuration.

Associate devices with users

The association of the device with a user can be achieved through Cloudentity User Metadata Microservice, which is capable of storing various associations between IAM objects. In this case, it stores the information that connects a user with a device, such as the last authentication timestamp with that device or a credential used to pair the user with the device.

Sample device information

Device information obtained from Cloudentity Identity can look as follows:

{
  "type":"android",
  "platform":{
    "name":"android",
    "version":"4.1"
  },
  "build":{
    "board":"Unknown",
    "cpuAbi":"Armeabi",
    "device":"Generic",
    "host":"Android-Test-26.Mtv. Corp.Google.Com",
    "manufacturer":"Unknown",
    "model":"Sdk",
    "product":"Sdk",
    "type":"Eng",
    "user":"Android-Build",
    "fingerprint":"Generic/Sdk/ Generic:2.3.3/Gri3",
    "bootloader":"Unknown",
    "serial":"Unknown"
  },
  "imei":"234234234234234",
  "imsi":"89014103211118510720",
  "androidId":"8fbec65a6c93766e",
  "mac":"AA:BB:CC:DD:EE:FF",
  "bluetoothAddress":"aa4433ssdd22"
}