Skip to Main Content
Cumulocity IoT Feedback Portal
ADD NEW FEEDBACK

Authentication & Authorisation

Showing 24

Software Bill of Materials

Regulatory bodies are asking for more data around security of medical devices. I have been recently informed (second hand) that the US regulatory body (FDA) may in the next year or two require a Software Bill of Materials for Medical Device IoT pl...
Dave Presuhn 7 days ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Already supported

Support User Functionality at Enterprise Tenant Level also

I raised two requests for support user functionality to enable a couple of business requirements for OEM customers like us. 1. We planned to leverage SaaS enterprise tenants in some regions compared to dedicated deployment in the NA region. We are...
Venkatesu Punugupati about 2 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 4 Future consideration

The Trusted Root Certificates should support the same Certificate on multiple tenants within an enterprise tenant

The Trusted Root Certificates should support the same Certificate on multiple tenants within an enterprise tenant. Itron supports many Trusted Root certificates and generates them as needed per manufacturing needs. What currently occurs is that if...
Andrew Nowak about 2 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 0 Future consideration

Add the customizable placeholder for password change in Enterprise tenant

Hi, We have a request to add placeholder that customer can customize for password change. For security reason, the token for password change cannot be obtained by API. The token is only available in the following placeholder set in Enterprise ...
Guest 3 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Enable read-only access to certificates

We have multiple teams using certificates for mutual authentication. During their development it would be very useful for them to be able to see the trusted certificates. Right now I can grant them admin rights to certs but that lets them change t...
Dave Presuhn 4 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Display message for Password reset email sent can be improved

Currently when the user tries to reset password using forgot password option, with wrong email id which doesn't exists, gets a standard display message that the "Password request has been sent. Please check your email". It is quite misleading to h...
Mohammed Ali Khan 9 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Enable quick means to stop communication with devices

If the platform gets compromised, right now the only way to stop devices from communicating is to temporarily disable device communications and then re-enable when the compromise is resolved. That can take time with a large fleet - during which th...
Dave Presuhn 10 months ago in Cumulocity IoT Platform Services / Authentication & Authorisation 3 Already supported

Password-change UX should consider server-synchronization

When a user changes the password (today in Cumulocity v10.15), the UX provides a success-message of the change without any conditions. However, the password may not be usable for some additional minutes as the change has not been synchronized acro...
Christoph Marschall about 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Likely to support/improve

Add PKCE to single sign-on

Add support for PKCE (https://www.rfc-editor.org/rfc/rfc7636) in the authorisation code grant flow when configuring single sign-on as an authentication method. This is related to C8YCORE-I-311.
Guest over 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration

Restrict admin console to certain IP address space

By restricting access to the admin portal (Cockpit, device management, etc) to certain IP address ranges, we can restrict admins to only accessing admin functions while on our corporate network. This will improve security by making the admin apps ...
Dave Presuhn over 1 year ago in Cumulocity IoT Platform Services / Authentication & Authorisation 1 Future consideration