Hi there Photon users, we are currently ramping up our production and are aligning all the steps required to accept unknow Photon P1 devices in our cloud. We were used to use a claim process where we retrieve the Photon ID from the SoftAP setup. That Photon ID is send to our own server which executes a claim request to the Photon cloud. At that point we discovered we need to accept the device from the particle console by moving it from “quarantine” to “accepted”. That process is not usable for use as we are not continuously available to attend the console. We do collect the Photon IDs from manufacturing and are able to approve the IDs on our server and send out the right API call when the devices gets online.
- what are the risks of auto-accept? Our server only processes the IDs that are known in the system. Is it only the risk that we pay for unwanted devices?
- can a user spoof the product ID and get in our cloud or are there additional constraints?
- has the original claim process been dropped in favour of this quarantine process?