I am trying to build a simple scenario so that I can control an endpoint "on/off" using Kaa, but I need to know how can I auth the endpoint ? I mean how can I manage that some specific end point that is being controlled ? Also is there any way so that I can identify a point and then allow/deny the connection from the EP to Kaa ? Thanks

For details of endpoint authentication please refer to the Endpoint provisioning and registration documentation. You can use internal credentials service to allows connection to Kaa cluster only to specified list of endpoints whose credentials were previously provisioned to Kaa server.

To control your endpoint by your server-side applications read about Server-side EP profile and Endpoint-groups features.