to get push notifications I must enable nuki web, per default nuki Web gets remote unlock access. Can I use push notifications without the remote access? I have disable the remote access for nuki web and the protocol was not longer updated in nuki web. Is the protocol access a requirement for the push notifications?
No. If the server would not be able to read the logs he would also not be able to push them in clear text.
Is there a way to split the access to protocol/push and remote access for open? To enhanced the security.
You can activate 2 factor authentication within Nuki Web, which gives you protection against someone else logging in with your credentials.
I use 2FA already, my fear is not primarily my account instead of a other event that perhaps unlocks random via nuki web. And if the user have no permission the risk is much lower. But I don‘t want to miss the push notifications.
It would be great if particular actions through particular channels could be blocked/allowed directly in the smartlock itself. It could greatly improve security against remote access endpoints. For example I can benefit from all web features except unlocking. The same for Bridge API. I can use Bridge API callbacks, remote lock but NOT unlock.