Before authenticating with the Ember VPN API, it's crucial to probe the hardware ID (HWID) of the device. This step ensures that authentication is performed with up-to-date and specific device information, enhancing security and preventing the use of stale credentials.
Purpose of HWID Probing
- Device Identification: Allows users to easily recognize and manage devices connected to their Ember VPN account.
- Single Authorization Token per Device: Ensures that each device is associated with a unique authorization token, enhancing security and simplifying token management.
- Account Security: Helps in monitoring and controlling device access to the user's VPN account, preventing unauthorized use.
Generating the HWID
The HWID is a base64-encoded JSON object containing information about the device. The HWID is generated by the client and passed to the Ember VPN API when authorizing clients.
Required Fields
The following fields are required in the HWID payload:
| Property | Description |
|---|---|
hwid | A unique identifier for the device (e.g., serial number, MAC address). |
manufacturer | The company that manufactured the device. |
modelName | The specific model of the device. |
osName | The operating system running on the device. |
You can add additional fields to the HWID payload to add entropy. The data in the payload should be unique to the device and should not change over time.
Example JSON Payload
Convert JSON to Base64
After creating the JSON payload, you must convert it to base64. In Node.js for example, you can use the following code snippet, assuming that the payload is stored in a variable named payload:
The resulting base64 string is the HWID that you must pass to the Ember VPN API when authorizing clients.
