Referring to Initiate Authenticate API document

Sample of Initiate Authenticate call contains device signature like below

{
    "subject": "nbruce",
    "channel": "web",
    "ipAddress": "10.10.123.124",
    "action": "authenticate",
    "rememberMe": true,
    "device": {
        "signature": {
            "iaAuthData": "_v02MyUgNGgYOi88OTk0emB7ZXV9GDQ......"
        }
    }
}

What is the significance of this Device Signature in this call. How can we generate it?

Release : 2.1.x

Referring to below documentation with regards to Device Signature

Information Stored in the Authentication Hub Database

it says

The device signature is a collection of device-specific attributes like os details, browser details, screen details, time zone, language details, etc. Similarly, for mobile devices, the device signature consists of mobile OS details, device name, model, wifi mac address, screen size, etc. These are collected using js or mobile SDK that is invoked from client applications and passed to the Authentication Hub server in encoded form.

So this 'device signature/fingerprint' is generated using js or mobile SDK within the client application. Please refer below SDK documentation.

SDK for Risk Web

You may send request for Authentication calls without device signature, and it should work, however the risk score can remain high.