The unauthenticated local request feature enables API calls to be made within the IoT Server on a local basis. This functionality is particularly utilized by certain nodes to facilitate interaction between the Data Flow and the Studio application. It allows for seamless internal communication within the server's ecosystem without the need for authentication in these specific instances.
The configuration toggle to enable / disable Unauthenticated local request is located on the Machine configuration section within the IoT server configuration application.
This configuration permits an API request from Data Flow to the Data Flow Manager API without requiring authentication. Such a setting could pose a security risk to your IoT server. Consequently, a warning pop-up will appear to seek your confirmation for this change. It is crucial to read this warning thoroughly and proceed only if you fully understand the implications. If you acknowledge and accept the potential security risks, you can finalize this configuration by clicking on the Confirm button.
Upon confirming the activation or deactivation, a green toaster notification will appear to verify that the setting has been successfully applied.