Updated on 2024-11-06 GMT+08:00

Examples

Example 1

When a certificate is used to authenticate a device, the values of UserName and ClientId are not limited. The device ID is obtained from the common name of the device certificate.

Table 1 Authentication parameters

Parameter

Description

Client ID

Any value

User Name

Any value

Password

Empty value

Authentication template:

{
	"template_name": "template1",
	"description": "template1",
	"template_body": {
		"parameters": {
			"iotda::certificate::common_name": {
				"type": "String"
			}
		},
		"resources": {
			"device_id": {
				"Ref": "iotda::certificate::common_name"
			}
		}
	}
}

Example 2

Device ID format: ${ProductId}_${NodeId}

Table 2 Authentication parameters

Parameter

Description

Client ID

Fixed format:

${ClientId}|securemode=2,signmethod=hmacsha256|timestamp=${timestamp}|
  • ${ClientId} (fixed format): ${ProductId}.${NodeId}
    • ${NodeId}: device node ID
    • ${ProductId}: product ID
  • ${timestamp}: Unix timestamp, in milliseconds

User Name

Fixed format:

${NodeId}&${ProductId}

Password

Result value after encrypting the combination of device parameter and parameter value, with the device password as the key and HMAC-SHA256 algorithm as the tool.

Encryption string format:

clientId${clientId}deviceName${nodeId}productKey${productId}timestamp${timestamp}
  • ${ClientId} (fixed format): ${ProductId}.${NodeId}.
  • ${NodeId}: device node ID
  • ${ProductId}: product ID
  • ${timestamp}: timestamp

Authentication template:

{
	"template_name": "template2",
	"description": "template2",
	"template_body": {
		"parameters": {
			"iotda::mqtt::client_id": {
				"type": "String"
			},
			"iotda::mqtt::username": {
				"type": "String"
			},
			"iotda::device::secret": {
				"type": "String"
			}
		},
		"resources": {
			"device_id": {
				"Fn::Join": [{
					"Fn::SplitSelect": [
						"${iotda::mqtt::username}",
						"&",
						1
					]
				}, "_", {
					"Fn::SplitSelect": [
						"${iotda::mqtt::username}",
						"&",
						0
					]
				}]
			},
			"timestamp": {
				"type": "UNIX",
				"value": {
					"Fn::MathDiv": [{
						"Fn::ParseLong": {
							"Fn::SplitSelect": [{
								"Fn::SplitSelect": ["${iotda::mqtt::client_id}", "|", 2]
							}, "=", 1]
						}
					}, 1000]
				}
			},
			"password": {
				"Fn::HmacSHA256": [{
						"Fn::Sub": [
							"clientId${clientId}deviceName${deviceName}productKey${productKey}timestamp${timestamp}",
							{
								"clientId": {
									"Fn::SplitSelect": [
										"${iotda::mqtt::client_id}",
										"|",
										0
									]
								},
								"deviceName": {
									"Fn::SplitSelect": [
										"${iotda::mqtt::username}",
										"&",
										0
									]
								},
								"productKey": {
									"Fn::SplitSelect": [
										"${iotda::mqtt::username}",
										"&",
										1
									]
								},
								"timestamp": {
									"Fn::SplitSelect": [{
										"Fn::SplitSelect": ["${iotda::mqtt::client_id}", "|", 2]
									}, "=", 1]
								}
							}
						]
					},
					"${iotda::device::secret}"
				]
			}
		}
	}
}

Example 3

Device ID format: ${productId}${nodeId}

Table 3 Parameter

Parameter

Description

Client ID

Fixed format:

${productId}${nodeId}
  • ${productId}: product ID
  • ${nodeId}: node ID

User Name

Fixed format:

${productId}${nodeId};12010126;${connid};${expiry}
  • ${productId}: product ID
  • ${nodeId}: node ID
  • ${connid}: random string
  • ${expiry}: Unix timestamp, in seconds

Password

Fixed format:

${token};hmacsha256
  • ${token}: result value after encrypting the User Name field, with the HMAC-SHA256 algorithm as the tool and the Base64-decoded device password as the key.

Authentication template:

{
	"template_name": "template3",
	"description": "template3",
	"template_body": {
		"parameters": {
			"iotda::mqtt::client_id": {
				"type": "String"
			},
			"iotda::mqtt::username": {
				"type": "String"
			},
			"iotda::device::secret": {
				"type": "String"
			}
		},
		"resources": {
			"device_id": {
				"Ref": "iotda::mqtt::client_id"
			},
			"timestamp": {
				"type": "UNIX",
				"value": {
					"Fn::ParseLong": {
						"Fn::SplitSelect": ["${iotda::mqtt::username}", ";", 3]
					}
				}
			},
			"password": {
				"Fn::Sub": [
					"${token};hmacsha256",
					{
						"token": {
							"Fn::HmacSHA256": [
								"${iotda::mqtt::username}",
								{
									"Fn::Base64Decode": "${iotda::device::secret}"
								}
							]
						}
					}
				]
			}
		}
	}
}