SM enables DHCP with ICC , this is zero-touch configuration feature from 13.3 onward .
More details can be found at the following webinar
http://community.cambiumnetworks.com/t5/PMP-450/Zero-Touch-Configuration-webinar/m-p/47270#M1628
Basically SM enables DHCP after registering with AP to get configuratin file URL using DHCP option 66.
Yes SM will fallback to default IP if no DHCP server found.
So essentially an ICC SM can bypass authentication and get configuration file (using DHCP option 66) .
This configuration file can contain radius certificate,username, shared secret,color code etc.
Configuration will be appied to SM and it reboot (SM can be rebooted when configuration file changes are applied, this can be controlled using configu file attribute "rebotIfRequired" set to true) .
Next time SM boots up, it wont bypass authentication and will get authenticated with RADIUS server, where administartor can further push few other configuration like MIR/CIR etc.
Note: For an ICC SM , DHCP will ONLY be enabled if IP address is default i.e. 169.254.1.1
@Steph: in your case problem seems to be ICC SM enabled DHCP and you dont have DHCP server , but after couple of minutes of timeout SM will fallback to 169.254.1.1 and you can access it.