Are you worried that someone would be submitting false information on your behalf?
Do you think this might already be happening in the sensor network?
Or are you worried in a general sense about a lack of authorization?
I am running a LoRaWAN forwarder. My forwarder is basically doing that, impersonating several sensor.community nodes on behalf of actual nodes, without actually being a node itself. I saw that the firmware has an option to use https towards the server to verify the server is authentic, however without any authentication of the node itself and have been wondering about this somewhat strange security scheme.
Well, I was searching for the api key (in order to submit sensor data using my RasPi), but then noticed that the sensor.community api does not require an api key at all. OpenSenseMap (for example) has the option to enable the api key functions.
there is no need to create access token or anything like that. Sensor UID, which you have to came out yourself acts like password. So don’t share sensor uid with anyone and no one will submits any data unauthorized