
Security & Authentication

The gateway provides enterprise-grade security features.

Security Settings

Authentication

Single Sign-On (SSO)

Integration with enterprise identity providers:

  • Keycloak
  • Active Directory
  • OAuth 2.0 providers
  • OpenID Connect

Session Management

  • Automatic timeout after inactivity
  • Secure session storage
  • Forced logout capability

Authorization

Role-Based Access Control

  • Administrator: Full access
  • Operator: Device configuration
  • Viewer: Read-only

API Security

  • All endpoints require authentication
  • Token-based API access
  • Request validation

Network Security

  • MQTT TLS encryption (optional)
  • HTTPS support via reverse proxy
  • Configurable firewall rules

Audit Logging

All actions are logged:

  • User logins
  • Configuration changes
  • Command execution (DCMD)
  • Access attempts

Best Practices

  • ✅ Enable SSO with MFA
  • ✅ Use TLS for MQTT
  • ✅ Deploy behind reverse proxy
  • ✅ Regular security updates
  • ✅ Monitor audit logs
  • ✅ Strong password policies

Next Steps