Authentication for open source MQTT-hosted devices
This topic describes how devices that connect directly to an MQTT-based instance use the open source MQTT protocol to register and authenticate using custom credentials (Username, Password, and Serial Number (SN)).
Background information
If your scenario requires only MQTT connections and message uplink and downlink, you can reduce usage costs using the Username, Password, and SN as the device secret for identity authentication when a device connects to an IoT Platform MQTT-based Enterprise instance.
Authentication flow
Create a product: When you create the product, configure its parameters as needed.
Add devices in a batch: For the product that you created, import the device credentials in a batch. The credentials include the SN (optional), MQTT Username, and MQTT Password.
Develop the device.
On the device, enable the Server Name Indication (SNI) extension of the SSL/TLS protocol and configure the access domain name.
For sample code and parameter settings to connect the device to IoT Platform, see Open source MQTT-hosted device connection example.
Connect and authenticate the device.
After the device is powered on and connected to the network, it sends an authentication request that contains the device credentials to IoT Platform.
Activate the device and bring it online.
After IoT Platform verifies the device credentials, it establishes a connection with the device. The device can then communicate with IoT Platform using custom message topics.
The communication method is the same as for cloud gateway devices. For more information, see Message communication.