CoAP POST /iam/pairing/password-invite


This endpoint pairs the current user with the target device that hosts the endpoint.

Prior to invocation, the current user must have been password authenticated on the connection using a username and password already existing on the device. Hence, this endpoint is used for Password invite pairing.

To password authenticate a connection, the client application uses the SDK function nabto_client_connection_password_authenticate().

For password open pairing use the password-open endpoint.


POST /iam/pairing/password-invite


The Username already exists on the target device so is not included in the body. The fingerprint set on the user can be named with the body field FingerprintName:

  "FingerprintName": "my phone"

By naming the fingerprint using FingerprintName, you ensure easy identification of user fingerprints, especially if multiple devices are paired later (e.g. “my tablet” or “my laptop”).


CoAP status codes:

  • 201: Pairing completed successfully.
  • 201: Already paired.
  • 401: Missing password authentication.
  • 403: Blocked by IAM configuration.
  • 404: Pairing mode disabled.


A user must have access to the following IAM Action to use this endpoint:

  • IAM:PairingPasswordInvite

No special attributes are provided.