Systems and methods are provided for mitigating denial-of-service attacks that can disrupt onboarding internet-of-things (IoT) devices onto a network and ensuring legitimate IoT devices are onboarded. Example implementations include receiving, at an access point (AP) from a device, a chirp signal comprising a hash of data including a first public key of an IoT device. Upon verification of the first public key, the AP generates a context based on a first public key received from the authenticator. The context comprises information for onboarding the IoT device without subsequent communications between the AP, configurator and the authenticator. The AP can use the context to create and transmit authentication authorization requests responsive to chirp signals. In some examples, a chirp table can be created by a configurator for tracking severing APs. The chirp table can be utilized in provisioning APs for future chirp signals as needed.