[ https://jira.fiware.org/browse/HELP-17613?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Fernando Lopez reassigned HELP-17613:
-------------------------------------
Assignee: Jason Fox
> [fiware-stackoverflow] Secure communication between FIWARE orion and context-provider/IoT agent
> -----------------------------------------------------------------------------------------------
>
> Key: HELP-17613
> URL: https://jira.fiware.org/browse/HELP-17613
> Project: Help-Desk
> Issue Type: Monitor
> Components: FIWARE-TECH-HELP
> Reporter: Backlog Manager
> Assignee: Jason Fox
> Labels: fiware, fiware-orion
>
> Created question in FIWARE Q/A platform on 08-04-2021 at 07:04
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/66999301/secure-communication-between-fiware-orion-and-context-provider-iot-agent
> +Question:+
> Secure communication between FIWARE orion and context-provider/IoT agent
> +Description:+
> I have to think about an architecture using FIWARE orion context-broker and several IoT agents/context-provider. In the documentation is a section describing how to securue the communication from an IoT agent/context-provider to orion. But how to secure the other sider?
> What I understand, so far, is that a context-provider has to expose a REST endpoint (/op/query) on which it accepts incomming traffic. But how do it can make sure, that these request are valid?
> In case of a subscription you can use httpCustom instead of http in the provider section, when you create a subscription. With this it is possible to use a static token which will be used by orion, when making request to the given url. This isn't possible for registration. Any suggestions how a context-provider/IoT agent can decide if an incoming request is a valid one?
--
This message was sent by Atlassian JIRA
(v6.4.1#64016)
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy