51. Security Tokens¶
Some SolarNode features require SolarNetwork Security Tokens to use as authentication credentails for SolarNetwork services. Security Tokens are managed on the Security Tokens page in SolarNetwork.
51.1 User Tokens¶
User Security Tokens allow access to web services that perform functions directly on your behalf, for example issue an instruction to your SolarNode.
Click the "+" button in the User Tokens section to generate a new security token. You will be shown a form where you can give a name, description, and policy restrictions for the token.
Click the Generate Security Token button to generate the new token. You will then be shown the generated token. You will need to copy and save the token to a safe and secure place.
51.2 Data Tokens¶
Data Security Tokens allow access to web services that query the data collected by your SolarNodes.
Click the "+" button in the Data Tokens section to generate a new security token. You will be shown a form where you can give a name, description, and policy restrictions for the token.
Click the Generate Security Token button to generate the new token. You will then be shown the generated token. You will need to copy and save the token to a safe and secure place.
51.3 Security Policy¶
Security tokens can be configured with a Security Policy that restricts the types of functions or data the token has permission to access.
Policy | User | Node | Description |
---|---|---|---|
API Paths | Restrict the token to specific API methods. | ||
Expiry | Make the token invalid after a specific date. | ||
Minimum Aggregation | Restrict the data aggregation level allowed. | ||
Node IDs | Restrict to specific node IDs. | ||
Refresh Allowed | Make the token invalid after a specific date. | ||
Source IDs | Restrict to specific datum source IDs. | ||
Node Metadata | Restrict to specific node metadata. | ||
User Metadata | Restrict to specific user metadata. |
51.3.1 API Paths¶
The API Paths policy restricts the token to specific SolarNet API methods, based on their URL path. If this policy is not included then all API methods are allowed.
51.3.2 Expiry¶
The Expiry policy makes the token invalid after a specific date. If this policy is not included, the token does not ever expire.
51.3.3 Minimum Aggregation¶
The Minimum Aggregation policy restricts the token to a minimum data aggregation level. If this policy is not included, or of the minimum level is set to None, data for any aggregation level is allowed.
51.3.4 Node IDs¶
The Node IDspolicy restrict the token to specific node IDs. If this policy is not included, then the token has access to all node IDs in your SolarNetwork account.
51.3.5 Node Metadata¶
The Node Metadata policy restricts the token to specific portions of node-level metadata. If this policy is not included then all node metadata is allowed.
51.3.6 Refresh Allowed¶
The Refresh Allowed policy grants applications given a signing key rather than the token's private password can refresh the key as long as the token has not expired.
51.3.7 Source IDs¶
The Source IDs policy restrict the token to specific datum source IDs. If this policy is not included, then the token has access to all source IDs in your SolarNetwork account.
51.3.8 User Metadata¶
The User Metadata policy restricts the token to specific portions of account-level metadata. If this policy is not included then all user metadata is allowed.