[Chloe Hexnode 2 June 2023 Chloe Moderator]

Hello @jim-johnston, welcome to Hexnode Community!

Yes, you’re right. UDID or any such device information does stand the chance of getting leaked. Maybe you could try a combination of device information, like, say, Device ID, Serial Number and IMEI number? (http://example.com/%deviceid%/%serialnumber%/%devicename%/%imei%)

I know it isn’t ideal and doesn’t guarantee secure authentication, but we do not have a feasible solution for it as yet. You could create a combination known only to Hexnode admins and keep changing it regularly to reduce the chances of unsolicited access to the web app. For instance, http://example.com/%deviceid%/%serialnumber%/%devicename%/%imei%/%assettag% is one of the many possible combinations.

Please get back to us in case of further queries.

Regards,
Chloe Edison
Hexnode UEM

[Jim Participant 5 June 2023 Jim Participant]

Thanks Chloe, that clears up a lot for me!

I think I could generate a secret key that changes at some interval and use the API to set this key as a device attribute under the asset tag (like you have in your example).

https://www.hexnode.com/mobile-device-management/developers/actions/edit-device-attribute/

Cool stuff!

Thanks for your help

[Audrey Hexnode 5 June 2023 Audrey Moderator]

Hey @jim-johnston,

Although I am not the intended recipient of your gratitude, I must say, it still made my day.

Chloe is on vacation right now, and unable to receive your gratitude directly. But I promise to promptly relay the message to her.

In the meantime, if you have any more questions or need further assistance, you can always reach out to us.

Best Regards,
Audrey Black
Hexnode UEM