Security
//TODO: Screenshot
Admin User
The web interface of the device can optionally be gated by an administrator username and password combination.
If not set explicitely, this feature is not active and everybody who has network access to the device will be able to read and write configuration and user data (Peripheral status and historical data) from the device.
To activate the username/password authentification, fill out the form fields for
Username, Password, Password (repeat) and click the button. //TODO Field names
// TODO: login!, screenshot
Web interface
Redirect HTTP requests to HTTPS
When checked, the device will force a redirect to all requests to http:// ressources to their https:// version.
Allow read access to dashboard without login
As stated above, if the admin authentication is activated, the device configuration (read and write), as well read access to user data (Peripheral status and historical data) on the dashboard will only be possible after logging in.
By ticking this checkbox, the user data will still be accessible without login.
API-Key
An API-Key is needed for the controlled device with the Box2Box feature.
Click the button to make the device create an API-Key for this device.
After having generated an API-Key, a and a button will appear.
If you regenerate or delete an API-Key, the old key will be invalid from then on. If you have Box2Box set up, you will have to repeat the process from step 2 of Box2Box: Configuring a controlled device.
// TODO Tim, wird API-Key für noch etwas ausser box2box genutzt?
Server key and certificate
CA certificates
// TODO: Screenshots