public sealed class DeviceCredential : IMessage<DeviceCredential>, IEquatable<DeviceCredential>, IDeepCloneable<DeviceCredential>, IBufferMessage, IMessage
Reference documentation and code samples for the Cloud IoT v1 API class DeviceCredential.
A server-stored device credential used for authentication.
[Optional] The time at which this credential becomes invalid. This
credential will be ignored for new client authentication requests after
this timestamp; however, it will not be automatically deleted.
public PublicKeyCredential PublicKey { get; set; }
A public key used to verify the signature of JSON Web Tokens (JWTs).
When adding a new device credential, either via device creation or via
modifications, this public key credential may be required to be signed by
one of the registry level certificates. More specifically, if the
registry contains at least one certificate, any new device credential
must be signed by one of the registry certificates. As a result,
when the registry contains certificates, only X.509 certificates are
accepted as device credentials. However, if the registry does
not contain a certificate, self-signed certificates and public keys will
be accepted. New device credentials must be different from every
registry-level certificate.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThe latest version of the \u003ccode\u003eDeviceCredential\u003c/code\u003e class is 2.2.0, which is part of the Google Cloud IoT v1 API.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003eDeviceCredential\u003c/code\u003e is a server-stored credential for device authentication, implementing several interfaces such as \u003ccode\u003eIMessage\u003c/code\u003e, \u003ccode\u003eIEquatable\u003c/code\u003e, \u003ccode\u003eIDeepCloneable\u003c/code\u003e, and \u003ccode\u003eIBufferMessage\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe class offers two constructors, one default and another that accepts another \u003ccode\u003eDeviceCredential\u003c/code\u003e object for cloning purposes.\u003c/p\u003e\n"],["\u003cp\u003eIt includes properties like \u003ccode\u003eCredentialCase\u003c/code\u003e, \u003ccode\u003eExpirationTime\u003c/code\u003e (an optional timestamp for credential validity), and \u003ccode\u003ePublicKey\u003c/code\u003e for JWT signature verification, with the requirement that the public key must be signed by a registry level certificate when one exists in the registry.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eDeviceCredential\u003c/code\u003e class in the namespace \u003ccode\u003eGoogle.Cloud.Iot.V1\u003c/code\u003e is found in the \u003ccode\u003eGoogle.Cloud.Iot.V1.dll\u003c/code\u003e assembly.\u003c/p\u003e\n"]]],[],null,["# Cloud IoT v1 API - Class DeviceCredential (2.2.0)\n\nVersion latestkeyboard_arrow_down\n\n- [2.2.0 (latest)](/dotnet/docs/reference/Google.Cloud.Iot.V1/latest/Google.Cloud.Iot.V1.DeviceCredential)\n- [2.1.0](/dotnet/docs/reference/Google.Cloud.Iot.V1/2.1.0/Google.Cloud.Iot.V1.DeviceCredential)\n- [2.0.0](/dotnet/docs/reference/Google.Cloud.Iot.V1/2.0.0/Google.Cloud.Iot.V1.DeviceCredential)\n- [1.2.0](/dotnet/docs/reference/Google.Cloud.Iot.V1/1.2.0/Google.Cloud.Iot.V1.DeviceCredential)\n- [1.1.0](/dotnet/docs/reference/Google.Cloud.Iot.V1/1.1.0/Google.Cloud.Iot.V1.DeviceCredential)\n- [1.0.0](/dotnet/docs/reference/Google.Cloud.Iot.V1/1.0.0/Google.Cloud.Iot.V1.DeviceCredential) \n\n public sealed class DeviceCredential : IMessage\u003cDeviceCredential\u003e, IEquatable\u003cDeviceCredential\u003e, IDeepCloneable\u003cDeviceCredential\u003e, IBufferMessage, IMessage\n\nReference documentation and code samples for the Cloud IoT v1 API class DeviceCredential.\n\nA server-stored device credential used for authentication. \n\nInheritance\n-----------\n\n[object](https://learn.microsoft.com/dotnet/api/system.object) \\\u003e DeviceCredential \n\nImplements\n----------\n\n[IMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IMessage-1.html)[DeviceCredential](/dotnet/docs/reference/Google.Cloud.Iot.V1/latest/Google.Cloud.Iot.V1.DeviceCredential), [IEquatable](https://learn.microsoft.com/dotnet/api/system.iequatable-1)[DeviceCredential](/dotnet/docs/reference/Google.Cloud.Iot.V1/latest/Google.Cloud.Iot.V1.DeviceCredential), [IDeepCloneable](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IDeepCloneable-1.html)[DeviceCredential](/dotnet/docs/reference/Google.Cloud.Iot.V1/latest/Google.Cloud.Iot.V1.DeviceCredential), [IBufferMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IBufferMessage.html), [IMessage](https://cloud.google.com/dotnet/docs/reference/Google.Protobuf/latest/Google.Protobuf.IMessage.html) \n\nInherited Members\n-----------------\n\n[object.GetHashCode()](https://learn.microsoft.com/dotnet/api/system.object.gethashcode) \n[object.GetType()](https://learn.microsoft.com/dotnet/api/system.object.gettype) \n[object.ToString()](https://learn.microsoft.com/dotnet/api/system.object.tostring)\n\nNamespace\n---------\n\n[Google.Cloud.Iot.V1](/dotnet/docs/reference/Google.Cloud.Iot.V1/latest/Google.Cloud.Iot.V1)\n\nAssembly\n--------\n\nGoogle.Cloud.Iot.V1.dll\n\nConstructors\n------------\n\n### DeviceCredential()\n\n public DeviceCredential()\n\n### DeviceCredential(DeviceCredential)\n\n public DeviceCredential(DeviceCredential other)\n\nProperties\n----------\n\n### CredentialCase\n\n public DeviceCredential.CredentialOneofCase CredentialCase { get; }\n\n### ExpirationTime\n\n public Timestamp ExpirationTime { get; set; }\n\n\\[Optional\\] The time at which this credential becomes invalid. This\ncredential will be ignored for new client authentication requests after\nthis timestamp; however, it will not be automatically deleted.\n\n### PublicKey\n\n public PublicKeyCredential PublicKey { get; set; }\n\nA public key used to verify the signature of JSON Web Tokens (JWTs).\nWhen adding a new device credential, either via device creation or via\nmodifications, this public key credential may be required to be signed by\none of the registry level certificates. More specifically, if the\nregistry contains at least one certificate, any new device credential\nmust be signed by one of the registry certificates. As a result,\nwhen the registry contains certificates, only X.509 certificates are\naccepted as device credentials. However, if the registry does\nnot contain a certificate, self-signed certificates and public keys will\nbe accepted. New device credentials must be different from every\nregistry-level certificate."]]