Help Center/ IoT/ API Reference/ Northbound API Reference/ Device Management/ Refreshing a Device Key
Updated on 2022-02-24 GMT+08:00
View PDF

Refreshing a Device Key

Typical Scenario

If the unique identification code of a device that has been registered with the IoT platform changes (for example, a device is replaced), an NA needs to call this API to update the unique identification code of the device and rebind the device.

NOTE:

The device password can be updated only when the device is offline.

API Function

This API is used by an NA to update the node ID of a device that has been registered with the IoT platform, and rebind the device with the device ID unchanged.

API Prototype

Method

PUT

URL

https://server:port/iocm/app/reg/v1.1.0/deviceCredentials/{deviceId}?appId={appId}

Transport Protocol

HTTPS

Request Parameters

Parameter

Mandatory or Optional

Type

Location

Description

app_key

Mandatory

String

header

Identifies an application that can be accessed on the IoT platform. The value of this parameter is allocated by the IoT platform when the application is created on the platform.

Authorization

Mandatory

String

header

Indicates the authentication information for accessing the IoT platform. The value is Bearer {accessToken}, in which {accessToken} indicates the access token returned by the Authentication API.

deviceId

Mandatory

String(256)

path

Uniquely identifies a device. The value of this parameter is allocated by the IoT platform during device registration.

appId

Optional

String

query

Identifies an application that can be accessed on the IoT platform. The value of this parameter is allocated by the IoT platform when the application is created on the platform. Set this parameter to the value of appId of the authorized application.

nodeId

Optional

String(256)

body

Uniquely identifies a device. Generally, the MAC address, serial number, or IMEI is used as the node ID.

Set this parameter if you need to update the node ID of a device. Otherwise, leave it empty.

NOTE:

When the IMEI is used as the node ID, the node ID varies depending on the chipset provided by the manufacturer.

  • The unique identifier of a Qualcomm chip is urn:imei:xxxx, where xxxx is the IMEI.
  • The unique identifier of a HiSilicon chip is the IMEI.
  • For details about the unique identifiers of chipsets provided by other manufacturers, contact the manufacturers.

timeout

Optional

Integer

body

Indicates the validity period for device registration. A device must be bound within the validity period. Otherwise, the registration information will be deleted.

The value ranges from 0 to 2147483647. If this parameter is set to 0, the device verification code is always valid. (The recommended value is 0.)

The default value is 180. The default value can be configured. For details, contact the IoT platform maintenance personnel.

Unit: seconds

verifyCode

Optional

String(256)

body

Indicates the verification code of the device. If this parameter is specified in the request, it is returned in the response. If this parameter is not specified in the request, it is automatically generated by the IoT platform. You are advised to set this parameter to the value of nodeId.

In the NB-IoT solution, this parameter is mandatory and must be set to the same value as nodeId.

Response Parameters

Status Code: 200 OK

Parameter

Type

Description

verifyCode

String(256)

Indicates the device verification code, with which the device can get authenticated and connect to the IoT platform. If this parameter is specified in the request, it is returned in the response. If this parameter is not specified in the request, it is automatically generated by the IoT platform.

timeout

Integer

Indicates the validity period of the verification code, in seconds. The device must connect to the IoT platform within this period.

Request Example

Method: PUT
Request:
https://server:port/iocm/app/reg/v1.1.0/deviceCredentials/*************?appId=*************
Header:
app_key: ******
Authorization: Bearer ******
Content-Type: application/json
Body:
{
  "verifyCode": "****************",
  "nodeId": "********",
  "timeout": 300
}

Response Example

Response:
Status Code: 200 OK
Content-Type: application/json
Body:
{
  "verifyCode": "AE10-12424-12414",
  "timeout": 300
}

Error Codes

HTTP Status Code

Error Code

Error Description

Remarks

200

100217

The application hasn't been authorized.

The application has not been authorized.

Recommended handling: In scenarios where applications are not authorized, ensure that request parameter appId is null.

400

100003

Invalid verify code.

The verification code is invalid.

Recommended handling: Check whether verifyCode carried in the API request is correct. If verifyCode is not carried in the API request, contact IoT platform maintenance personnel.

400

100007

Bad request message.

The request message contains invalid parameters.

Recommended handling: The value of deviceId is not assigned. Set this parameter based on the description of request parameters.

400

100426

The nodeId is duplicated.

The value of nodeId is duplicated.

Recommended handling: Check whether nodeId carried in the API request is correct.

400

100610

Device is not active.

The device has not been activated.

Recommended handling: Check whether the device has been connected to the IoT platform and activated.

400

100611

Device is online.

The device is online.

Recommended handling: Enable the device to go offline or disconnect the device from the IoT platform.

400

50400

The input is invalid.

An input parameter is invalid.

Recommended handling: Check whether parameters carried in the API call request are valid.

401

100025

AppId for auth not exist.

The application ID used for authentication does not exist.

Recommended handling:

  • Check whether the value is assigned to app_key in the header of the request structure.
  • If this API is called using HTTP, contact IoT platform maintenance personnel to check whether the name of appId in the header is app_key or x-app-key.

403

100203

The application is not existed.

The authorized application does not exist.

Recommended handling:

  • Check whether appId carried in the HTTP request header is correct.
  • Check whether appId in the request path (URL) is correct.

403

100217

The application hasn't been authorized.

The application has not been authorized.

Recommended handling: In scenarios where applications are not authorized, ensure that request parameter appId is null.

403

1010009

app throttle exceed.

The NA calls the API at a frequency that exceeds the flow control threshold (100 calls per minute by default).

Recommended handling: Contact IoT platform maintenance personnel to adjust the flow control threshold or control the API call frequency.

403

1010005

App_key or access_token is invalid.

The access token is invalid.

Recommended handling: Check whether accessToken carried in the API request is correct.

404

100403

The device is not existed.

The device does not exist.

Recommended handling: Check whether deviceId is correct.

404

100418

The deviceData is not existed.

The device data does not exist.

Recommended handling:

  • If deviceId carried in the request is incorrect, check whether deviceId belongs to appId or whether deviceId is incorrect.
  • Check whether appId carried in the header contains deviceId.
  • If the URL contains the optional parameter appId, check whether the value of appId is correct.

500

100203

The application is not existed.

The application does not exist.

Recommended handling:

  • Check whether appId carried in the HTTP request header is correct.
  • Check whether appId in the request path (URL) is correct.

500

50252

Internal server error.

An internal server error occurs.

Recommended handling: An internal error occurs on the IoT platform. Contact IoT platform maintenance personnel.
Parent topic: Device Management