This paper proposes a delegation-based authentication and authorization scheme for IP-based IoT devices. It describes the DTLS protocol and its requirements that are challenging for resource-constrained devices. The paper presents a design where a delegation server performs the resource-intensive public-key operations during handshake and distributes session tickets for future authentication. Evaluation shows the design reduces computation, memory, and transmission overhead on IoT devices compared to directly using DTLS.