Before authenticating with the Ember VPN API, it's crucial to probe the hardware ID (HWID) of the device. This step ensures that authentication is performed with up-to-date and specific device information, enhancing security and preventing the use of stale credentials.
The HWID is a base64-encoded JSON object containing information about the device. The HWID is generated by the client and passed to the Ember VPN API when authorizing clients.
The following fields are required in the HWID payload:
| Property | Description |
|---|---|
hwid | A unique identifier for the device (e.g., serial number, MAC address). |
manufacturer | The company that manufactured the device. |
modelName | The specific model of the device. |
osName | The operating system running on the device. |
You can add additional fields to the HWID payload to add entropy. The data in the payload should be unique to the device and should not change over time.
After creating the JSON payload, you must convert it to base64. In Node.js for example, you can use the following code snippet, assuming that the payload is stored in a variable named payload:
The resulting base64 string is the HWID that you must pass to the Ember VPN API when authorizing clients.
JSON with Comments
{ "hwid": "XX:XX:XX:XX:XX:XX", // A unique identifier for the device (e.g., serial number, MAC address). "manufacturer": "Apple", // The company that manufactured the device. "modelName": "iPhone 15 Pro", // The specific model of the device. "osName": "iOS", // The operating system running on the device. // Additional fields (optional but must not change over time) "supportedCpuArchitectures": ["arm64e"], "totalMemory": 5925339136}
JavaScript
const base64Payload = Buffer.from(JSON.stringify(payload)).toString("base64");console.log(base64Payload); // eyJod2lkIjoiWFg6WFg6WFg6WFg6WFg6WFgiLCJtYW51...