A workspace [may be configured](/developers/api/clients/security#device-authorization) so that customers must confirm logging in from unknown devices.

When a customer registers, the device they are using is added to the list of known devices automatically.

## Authenticating devices by email token

Method reference available [here](https://developers.synerise.com/ClientManagement/ClientManagement.html#operation/authenticateDevice).

**Prerequisites**:  
[Email sender integration](/docs/settings/tool/integrating-email-providers) must be enabled.

When a customer logs in from a new device, an authentication token is sent to the customer's email address. The device is not allowed to log in to the customer's account until that token is sent.


<pre><code class="language-plaintext">curl --request GET 
  --url https://{SYNERISE_API_BASE_PATH}/sauth/client/device-control/53b1e613-826b-4b9e-8ee3-2ff7dde2f1e4</code></pre>


## Adding device to current account

Method reference available [here](https://developers.synerise.com/ClientManagement/ClientManagement.html#operation/LinkAClientDeviceToCurrentlyLoggedInClient).

You can add a device to the trusted device list of the currently authenticated customer.

`deviceId` is the only obligatory parameter. The format of the ID depends on the OS.


<pre><code class="language-plaintext">curl --request POST 
  --url https://{SYNERISE_API_BASE_PATH}/v4/my-account/linked-devices 
  --header 'authorization: Bearer eyJh...JxkM5o' 
  --data '{
      "deviceId":"ec9d4410-4048-43e5-b755-f7d53d00656c",
    }'</code></pre>