The Device Settings tab allows you to toggle API authentication on and off for individual hubs. We recommend using the Select All checkbox to ensure that every hub gets the same setting.
Should I enable API authentication?
Disabling API authentication is not allowed when remote access is enabled.
Why does API authentication matter? API authentication determines whether a Design Studio session or the API can connect to the installation.
When API authentication is enabled, the N4 will authenticate any message’s OAuth token against an onboard database of past tokens, and then against Ketra’s cloud database of authorized tokens. However, if there is no Internet connection, the N4 will only be able to access its onboard database. That means it will only accept tokens it has encountered in the past. One consequence might be that the N4 refuses access to legitimate users who have different OAuth tokens or are working from a different Design Studio session. Therefore, authentication is recommended for N4 networks that have an Internet connection.
Conversely, when API authentication is disabled, the N4 will accept any message it receives via Ethernet without checking its access token. If the N4 network has an Internet connection, disabling authentication could allow any user on the Wifi network to send messages via the API. However, if the N4 network does not have an Internet connection, disabling authentication may be necessary to ensure that new OAuth tokens (from new Design Studio sessions or from other API users) are granted access to the installation.
How to toggle API authentication on and off:
1. In Design Studio, navigate to the Device Settings tab.
2. In the Settings For dropdown (top-left), select “Hubs”.
3. Use the Select All checkbox to highlight all N4 Hubs.
4. In the Modify Hub Settings pane, use the dropdown to set API Authentication to “Enabled” or “Disabled”.
5. Click Apply To Selected.
