Docs
mobileIoT Hardware
Documentation

Device access settings

This section controls the device’s local file upload and JSON API access features:

  • Enable Local File Uploads : Allows or disallows pushing data files to the device via HTTP(S) POST requests.
  • E nable JSON API Access via HTTP (Insecure): Enables or disables access to the device’s JSON API over HTTP for data retrieval.
  • JSON API IPv4 Whitelist : Restricts HTTP JSON API access to specified IP addresses, recommended to limit to trusted LAN subnets for security.

These settings balance convenience of local data management with security considerations, providing flexible control over upload methods and API accessibility.

Enable local file uploads to the device

  • Options: ON/OFF
  • Default: ON
  • Description: Allow or disallow pushing data to the device with HTTPS POST.

Members on the LAN can upload files to the CR3171 via HTTPS POST. The CR3171 will then transfer these files further to the DataPlatform if configured to do so and as soon as an internet connection is available.


Allow access to JSON API via HTTP (insecure)

  • Options: ON/OFF
  • Default: OFF
  • Description: Enable or disable the HTTP JSON API to retrieve device data.

If the JSON API is allowed to communicate via HTTP, the access to the IMEI endpoint is not allowed via HTTP.


JSON API IPv4 whitelist (valid only for HTTP requests)

  • Default: <empty>
  • Description: Restricts access to the JSON API to only a specified list of addresses. Valid only for HTTP GET request.
Recommended:
Bound to LAN network only, e.g. using 192.168.82.1/24 and therefore only allow the 192.168.82.* domain. Making it even more restrictive with e.g. a /29 mask setting is even better.