GUI-O Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Prevent access to my IoT's

    Scheduled Pinned Locked Moved
    Frequently Asked Questions (FAQ)
    2
    3
    320
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sato
      last edited by

      Now my question is whether it is possible to prevent
      access to my IoT's from a cell phone (App Gui-O) of some employee who is no longer working in the company, without having to change the firmware of all the IoT's.

      This is a question that certainly some customer in the future will ask

      Regards

      K 1 Reply Last reply Reply Quote 0
      • K
        kl3m3n @Sato
        last edited by kl3m3n

        @sato said in Prevent access to my IoT's:

        Now my question is whether it is possible to prevent
        access to my IoT's from a cell phone (App Gui-O) of some employee who is no longer working in the company, without having to change the firmware of all the IoT's.

        This is a question that certainly some customer in the future will ask

        Regards

        Hello,

        you have several options to implement authentication and authorization.

        MQTT by design allows specifying user, password and client id parameters. Based on this credentials, the broker can then decide if a client connection is allowed (in theory, you could also use client certificates, but GUI-O currently does not support importing custom certificates). You could for example only check the client id and disable user-password authentication (depends on your use case).

        The main "problem" is that this access control requires broker access to setup the rules properly. Although we offer MQTT broker functionality out of the box, we currently do not offer users to setup custom rules (like CloudMQTT or HiveMQ does).

        When the rules are set, you can simply remove the client by updating the rules. Furthermore, you can also allow a certain client to access a device (topic), while denying access to other clients.

        I hope I was clear.

        Best regards,
        kl3m3n

        S 1 Reply Last reply Reply Quote 0
        • S
          Sato @kl3m3n
          last edited by

          @kl3m3n

          Thank you for the explanation

          Best regards

          1 Reply Last reply Reply Quote 0
          • First post
            Last post