Erdi ChenFollow


This disclosure describes techniques for secure setup and/or configuration for headless devices using a smartphone or other available device. A smartphone is connected to a headless device via USB and is utilized to perform setup and debug operations related to the headless device. The headless device advertises itself as an accessory device and provides a device ID and vendor ID to the smartphone. An app on the smartphone is launched with the headless device identifier as parameters. Additional communication between the headless device and the smartphone is performed over the connection using a custom protocol or encapsulated HTTP. The internet connection provided by the smartphone is utilized to fetch an authentication token from an external service that is passed to the headless device to perform authenticated setup/provisioning. The device can perform authentication with a shared secret or cryptographic signature as part of initial configuration and/or set up.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.