Skip to content
Mender Device Authentication Service
Branch: master
Clone or download
Latest commit ad465f2 Jul 18, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
api api/http: remove management API v1 and admission API endpoints Feb 15, 2019
client client/inventory: fix X-MEN-Msg-Timestamp gen Jun 27, 2019
cmd cmd: deviceauth propagate-inventory implementation Jun 26, 2019
config Update copyright to 2018 on souce files Nov 29, 2018
devauth devauth: when updating auth set, update by id Dec 7, 2018
docs docs: remove devicauth management API v1 and deviceadm API specs Feb 14, 2019
jwt Update copyright to 2018 on souce files Nov 29, 2018
keys Update copyright to 2018 on souce files Nov 29, 2018
model Merge branch 'master' into master Dec 3, 2018
store store: expose GetTenantDbs via interface Jun 7, 2019
tests set tests-python-version to align with previous package version Jul 17, 2019
utils utils: get milisencond unix timestamp Jun 7, 2019
vendor vendor: cleaned up sirupsen casing inconsistencies Apr 3, 2019
.gitignore MEN-324: Add gitignore Apr 22, 2016
.gitlab-ci.yml removed backend_integration tests in gitlab ci pipeline Jul 17, 2019
.travis.yml docs: remove devicauth management API v1 and deviceadm API specs Feb 14, 2019
Dockerfile Dockerfile: aligned alpine versions Apr 3, 2019
Dockerfile.acceptance-testing aligned acceptance testing preparation dockerfile Jul 17, 2019
LICENSE LICENSE file - update copyright date Jan 3, 2019
LIC_FILES_CHKSUM.sha256 vendor: fix sirupsen/logrus casing inconsistencies Apr 3, 2019
README.md Update README.md to Mender Hub, and add bugtracker to avoid use of Gi… Mar 8, 2019
config.yaml config: fix mongodb connection string description Jul 16, 2018
license_test.go Update copyright to 2018 on souce files Nov 29, 2018
main.go main: actually add dry run to propagate-inventory Jun 27, 2019
main_test.go Update copyright to 2018 on souce files Nov 29, 2018
middleware.go Update copyright to 2018 on souce files Nov 29, 2018
middleware_test.go Update copyright to 2018 on souce files Nov 29, 2018
server.go changelog: do not sychronize data with device admission service Jul 16, 2018
server_test.go Update copyright to 2018 on souce files Nov 29, 2018
version.go Update copyright to 2018 on souce files Nov 29, 2018
version_test.go Update copyright to 2018 on souce files Nov 29, 2018

README.md

Build Status codecov Go Report Card Docker pulls

Mender: Device Authentication Service

Mender is an open source over-the-air (OTA) software updater for embedded Linux devices. Mender comprises a client running at the embedded device, as well as a server that manages deployments across many devices.

This repository contains the Mender Device Authentication service, which is part of the Mender server. The Mender server is designed as a microservices architecture and comprises several repositories.

Device Authentication is responsible for issuing, maintaining and verifying JWT authentication tokens used by devices in Mender API calls. A token is issued as a result of a successful bootstrap request, whereby the device presents its vendor-specific identity attributes, and can be admitted in the the system by the administrator. Each subsequent device-specific API call is then internally routed to this service for token verification. At any time, the administrator can also revoke the JWT in case it was compromised.

Mender logo

Getting started

To start using Mender, we recommend that you begin with the Getting started section in the Mender documentation.

Building from source

As the Mender server is designed as microservices architecture, it requires several repositories to be built to be fully functional. If you are testing the Mender server it is therefore easier to follow the getting started section above as it integrates these services.

If you would like to build the Device Authentication service independently, you can follow these steps:

git clone https://github.com/mendersoftware/deviceauth.git
cd deviceauth
go build

Configuration

The service can be configured by:

  • providing configuration file (supports JSON, TOML, YAML and HCL formatting). The default configuration file is provided to be downloaded from config.yaml.
  • setting environment variables. The service will check for a environment variable with a name matching the key uppercased and prefixed with "DEVICEAUTH_". Eg. for "listen" the variable name is "DEVICEAUTH_LISTEN".

Contributing

We welcome and ask for your contribution. If you would like to contribute to Mender, please read our guide on how to best get started contributing code or documentation.

License

Mender is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

Security disclosure

We take security very seriously. If you come across any issue regarding security, please disclose the information by sending an email to security@mender.io. Please do not create a new public issue. We thank you in advance for your cooperation.

Connect with us

You can’t perform that action at this time.