Per-device token permissions

I know this was discussed years ago, but I’m still not seeing any way to scope tokens.

I’d like to generate at token that can only access a subset of devices. Is this possible?

The only way to control API access per device is to group all of the devices with the same access into a customer, and use a customer token. Or have multiple products, which would also have the benefit of API users, which allow you to choose which APIs the token has access to.

There’s no per-device-group API user feature. Once you get into that custom level of access control it’s usually better to just front the necessary Particle API calls with your own server so you can fully customize the access allowed to your customers.

Thanks. Neither of those groupins really work for me. They’re mesh devices, for one.

I’ll put them behind my own API, but it’s still not ideal that one service being hacked means that an attacker can execute functions on any of my devices. That means that my garage door and boiler are only as secure as my least secure function.