Hello,
First of all: devices.sensor.community has a really nice WebUi and is very functional. Well done 
Would it be possible to add a (optional) “Access Token/Authentication” function to the sensor.community API in order to prevent unauthorized data submission?
Thank you 
Example:
Just wondering, why are you asking about this?
Are you worried that someone would be submitting false information on your behalf?
Do you think this might already be happening in the sensor network?
Or are you worried in a general sense about a lack of authorization?
I am running a LoRaWAN forwarder. My forwarder is basically doing that, impersonating several sensor.community nodes on behalf of actual nodes, without actually being a node itself. I saw that the firmware has an option to use https towards the server to verify the server is authentic, however without any authentication of the node itself and have been wondering about this somewhat strange security scheme.
Well, I was searching for the api key (in order to submit sensor data using my RasPi), but then noticed that the sensor.community api does not require an api key at all. OpenSenseMap (for example) has the option to enable the api key functions.
there is no need to create access token or anything like that. Sensor UID, which you have to came out yourself acts like password. So don’t share sensor uid with anyone and no one will submits any data unauthorized
Hi,
Thanks for the reply :-).
sensor UID is the ChipID of the NodeMCU or something else?
The serial (ChipID) is public accessible via https://api-rrd.madavi.de:3000/grafana/
But i may be wrong…
these are two different thinks. Why you don’t register one sensor and check:
https://devices.sensor.community/sensors/register
