The Nabto Edge IAM Device Module

This module provides a simple way to configure access control directly on the embedded device - decentralized access control on the edge. It abstracts away the authorization and authentication details that must otherwise be handled by the application directly through the Nabto Edge Embedded SDK. For an introduction to the Nabto Edge IAM concepts, see the IAM guide.

Life Cycle and Types

Manage the IAM module’s life cycle: Initialize, deinitialize, load configuration, load full state, dump full state.

Configuration Builder

Build a new IAM configuration consisting of policies and roles.

State Builder

Build a new IAM state to e.g. set the pairing mode. This API is not to be used after the device is started, i.e. it should only be used to build an initial default state.

Runtime State

Manipulate IAM state at runtime, e.g. to change pairing mode after user input.

Note: Several similar operations are available in the Runtime State API and in the State Builder API. For instance compare the following two:

• nm_iam_state_set_password_open_pairing(struct nm_iam_state*, bool): State Builder API - enable password open pairing in a state object being built, e.g. the initial device state prior to starting the device the first time.
• nm_iam_set_password_open_pairing(struct nm_iam*, bool): Runtime State API - enable password open pairing at runtime.

Serializer

Read and write a full IAM configuration and state.