Securing access – unveiling API keys and authentication
Before heading into the meat of the chapter, we first need to talk about the authentication mechanism of the platform. The Arduino IoT Cloud uses a token authentication mechanism to validate API requests. This involves the SDK/tool sending the Client ID and Client Secret to https://api2.arduino.cc/iot/v1/clients/token to get a token that is used later to authenticate for requests/responses.
Before we get started with the SDK installation and testing with Postman, we need to set up the API in the Arduino Cloud that will provide us the Client ID and Secret. In older versions of the interface, the API options are under the Integrations tab, but have now moved to the Arduino Cloud, which is available at https://cloud.arduino.cc/home/.
After visiting the Integration page click on API Keys and you will be taken to the API page. Click on CREATE API KEY. A popup will appear; provide a name for the API and click on the CONTINUE...
