Control access to Azure IoT Hub Device Provisioning Service (DPS)
This article describes the available options for securing your Azure IoT Hub Device Provisioning Service (DPS). The provisioning service uses authentication and permissions to grant access to each endpoint. Permissions allow the authentication process to limit access to a service instance based on functionality.
There are two different ways for controlling access to DPS:
- Shared access signatures lets you group permissions and grant them to applications using access keys and signed security tokens. To learn more, see Control access to DPS with shared access signatures and security tokens.
- Microsoft Entra integration (public preview) for service APIs. Azure provides identity-based authentication with Microsoft Entra ID and fine-grained authorization with Azure role-based access control (Azure RBAC). Microsoft Entra ID and RBAC integration is supported for DPS service APIs only. To learn more, see Control access to DPS with Microsoft Entra ID (Public Preview).