Group Key
The Group Key is a core credential within the ZopToken device onboarding system.
It is used to bind one or more devices to a specified user, organization, device group, or service provider cluster.
Typical Use Cases
Group Key is suitable for:
- Individual users binding their own Mac devices
- Studios managing multiple devices
- Service providers onboarding devices in bulk
- Data centers onboarding by cluster
- Identifying onboarding sources in beta environments
Binding Relationships
A single Group Key may correspond to:
- One user
- One organization
- One device group
- One service provider
- One data center cluster
The specific correspondence is subject to the current platform configuration.
Binding Devices
After entering a Group Key in the macOS App or onboarding program, the platform will perform verification.
Upon successful verification, the device will be registered under the corresponding Group.
Security Recommendations
- Do not publicly share your Group Key.
- Do not write your Group Key in public documentation.
- Do not send screenshots containing your Group Key to public groups.
- When a device is decommissioned, transferred, or taken offline, unbind it promptly.
- If a leak is suspected, contact the platform side for assistance.
Future Capabilities
The platform may support the following in the future:
- Group Key rotation
- Group Key revocation
- Device binding quantity limits
- Group-level permission management
- Service provider sub-account management
- Bulk device import
The above capabilities are subject to the actual version.