Forum Discussion

dmelo's avatar
dmelo
Regular Visitor
4 years ago

HOBA authentication

I was given a test task to make an OpenAPI specification for a network-connected thermopot.

This "iPot" must provide authorized and authenticated devices (on the local network) with its status info (volume of it's contents, temperature, etc.). It must accept commands (from authed&authed devices) to set a desired temperature and asynchronously report of the command completion.

 

Since Authorization, Authentication and HTTP (no HTTPS in a sensible way for IoT LAN devices) are strict requirements, the only authentication scheme that is tolerant to HTTP is HOBA https://tools.ietf.org/html/rfc7486

 

How can I describe HOBA authentication with Swagger/OpenAPI?

No RepliesBe the first to reply