| title | description | author | ms.author | ms.service | ms.topic | ms.date | ms.custom | |||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Access control and security for Azure IoT Hub Device Provisioning Service | Microsoft Docs |
Overview on how to control access to Azure IoT Hub Device Provisioning Service (DPS), includes links to in-depth articles on Azure Active Directory integration (Public Preview) and SAS options. |
jesusbar |
jesusbar |
iot-dps |
conceptual |
04/20/2022 |
|
This article describes the available options for securing your Azure IoT Hub Device Provisioning Service (DPS). The provisioning service uses authentication and permissions to grant access to each endpoint. Permissions allow the authentication process to limit access to a service instance based on functionality.
There are two different ways for controlling access to DPS:
- Shared access signatures lets you group permissions and grant them to applications using access keys and signed security tokens. To learn more, see Control access to DPS with shared access signatures and security tokens.
- Azure Active Directory (Azure AD) integration (public preview) for service APIs. Azure provides identity-based authentication with Azure Active Directory and fine-grained authorization with Azure role-based access control (Azure RBAC). Azure AD and RBAC integration is supported for DPS service APIs only. To learn more, see Control access to DPS with Azure Active Directory (Public Preview).