Cloud device identification and authentication

What is claimed is: 1. A method of provisioning a network device to a network using a handheld device, the method comprising: identifying the network device using a unique identifier on the network device; establishing that the unique identifier corresponds to a known device from a list of known devices; communicating a secret string to the network device to establish a trusted session with the network device, the secret string associated with a network address for the network device; establishing a shared authentication key between the network device and the handheld device including receiving the authentication key from the network device; communicating the authentication key to a remote server; and allowing only provisional communication between the remote server and the network device. 2. The method of claim 1 , wherein identifying the network device comprises capturing an optical code on the network device. 3. The method of claim 1 , wherein the secret string includes a service set identifier (SSID) for an unprovisioned network device's default access point or a password for accessing a device's access point via a default SSID. 4. The method of claim 1 , wherein the unique identifier corresponds to a media access control (MAC) address or a universally-unique identifier (uuid). 5. The method of claim 1 , further comprising receiving the secret string from the remote server in response to sending the unique identifier to the remote server. 6. The method of claim 1 , wherein establishing the shared authentication key between the network device and the handheld device comprises receiving the authentication key from a user that enters the authentication key. 7. The method of claim 1 , wherein only provisional communication is allowed between the remote server and the network device until the network device is provisioned. 8. The method of claim 1 , wherein the network device is a wireless access point. 9. A method of provisioning a network device to a network using a user device, the method comprising: obtaining a unique identifier associated with the network device; establishing that the unique identifier corresponds to a known device from a list of known devices; communicating a secret string to the network device to establish a trusted session with the network device, the secret string associated with a network address for the network device; and in response to establishing the trusted session, sending an authentication key from the network device to a remote server, wherein the authentication key is shared between the network device and the user device, to allow only provisional communication between the remote server and the network device. 10. The method of claim 9 , further comprising receiving confirmation from the remote server of authentication of the network device. 11. The method of claim 9 , wherein only provisional communication between the remote server and the network device is allowed until the network device is provisioned. 12. The method of claim 9 , further comprising searching for unprovisioned devices by accessing a default service set identifier (SSID). 13. The method of claim 9 , further comprising refraining from provisioning the network device to operate in a user-specified device site when it is determined that the unique identifier does not correspond to a known device. 14. The method of claim 9 , further comprising transmitting geographic location information associated with the network device to the remote server. 15. The method of claim 9 , further comprising displaying the unique identifier on a display of the user device. 16. The method of claim 9 , wherein obtaining the unique identifier associated with the network device comprises capturing an image of a QR code, bar code, or alphanumeric code on the network device. 17. The method of claim 9 , wherein communicating the secret string to the network device comprises wirelessly communicating the secret string to the network device. 18. The method of claim 17 , wherein the secret string is wirelessly communicated to the network device via a wireless gateway. 19. The method of claim 9 , wherein the user device is a smartphone, tablet, laptop or desktop computer.