Mistake on this page? Email us

Application access management

For your application to access Pelion Device Management services, you need to:

  1. Create an application.
  2. Configure the application's access method.

Application access management

  • The subscriptions and notification channel are application specific. Devices are available for all applications in the account.
  • An application can have multiple access keys. This enables new key to be deployed without downtime. You create new keys, deploy them and then delete old ones.

Tip: With a commercial account, you can have up to 25 applications at a time, instead of four. See Choosing your account type for more information about the other benefits of commercial accounts and how to upgrade a free account to a commercial account.

Creating an application

First, you must create a application in Pelion Device Management.

In Portal: Creating an application

  1. Go to Access Management > Applications.

  2. Click New Application.

    The Create Application pop-up opens.

  3. Give the application an easily recognizable name. The name must be unique.

  4. Give a description for the new application.

  5. Choose a group the new application will be associated with.

  6. Click Create application.

Using the API: Creating an application


Use the /v3/applications endpoint to create a new application.

You can only perform this action if you authenticate it with an administrator's access key. You must already have at least one key with administrator rights before you can use the APIs to create any other keys.

Choosing the type of key for application access

An application can connect to Pelion Device Management with either:

Both types of key give the application access to the Pelion Device Management REST APIs. The differences between the two key types are who generates the key and how Pelion Device Management verifies the key:

Key type Generated by Verified when Pelion Device Management
Access key Pelion Device Management Checks the key's secret, which is hashed and stored on the server like a password
JWT key You Checks the key's signature with the verification key (public certificate) stored on the server