Validation of CPI identityStay organized with collectionsSave and categorize content based on your preferences.
According to the WInnForum requirements, certain CBSDs require that a Certified Professional
Installer (CPI) validates the installation parameters before they are sent to the SAS.
Figure 1.CPI identity validation flow
In the SAS Portal API, we need to validate that a given user has a valid CPI certification before
they can call theSignDevice()method. We achieve this with the following two-step validation method:
A user with therole_cpirole calls theGenerateSecret()method, which returns a secret.
The user signs the secret with their private key and uses theValidateInstaller()method to send the encoded version back as aJWT, along with their CPI ID and
the original secret. For more details about token creation, seeJSON Web Token format.
The CPI role privileges become effective only after a user with therole_cpirole
successfully completes the CPI validation flow.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2023-12-05 UTC."],[],["Certified Professional Installers (CPIs) must validate installation parameters for certain CBSDs. The process involves two steps via the SAS Portal API: First, a user with `role_cpi` obtains a secret using `GenerateSecret()`. Second, they sign the secret with their private key and submit it via `ValidateInstaller()`, along with their CPI ID, using a JWT. This validates the CPI's identity, granting them CPI role privileges, enabling them to use the `SignDevice()` method. The user must be logged in and use HTTPS.\n"]]
