Does obtaining an authentication token invalidate previous tokens?

We have a scenario where either a device itself may be transmitting to Losant, or a tablet may identify itself as the device and transmit to Losant on behalf of the device.

We are not using any mechanism to identify that the payloads are coming from a tablet as opposed to the device directly. (i.e., the tablet is not treated as a Gateway; it identifies itself as our device, kind of ‘lying’).

I was under the impression that obtaining a token (in the device), then obtaining a token (using the tablet) would invalidate the device’s token. However, from testing, this does not seem to be the case; we can transmit with a given token, even after obtaining a new one for the same DeviceID. Is this expected?

I’m asking because we’ve noticed an issue where the tablet will occasionally fail to transmit the payloads successfully, whereas the device itself can transmit payloads to Losant. We are working on logging the failure response in the tablet, but any insight would be appreciated.

Are there any severe negative consequences associated with using a tablet as a “gateway” without identifying it as such?

Hi @Alexander_Farley,

Just a couple quick questions to clarify, you are using two separate devices (the tablet and the device) to report to one device in Losant, yes? And if so, both the tablet and the device have different access keys? Just want to make sure I understand your question!

Thanks,
Julia

That’s right: two seperate devices to report one device to Losant.

They use the same application access key in order to obtain a one-time access token whenever they need to transmit measurements.