Provisioning
Provisioning connects a physical or logical device to Infuse-IoT Cloud so it can authenticate and communicate with the platform.
Production provisioning is still usually API-led. Your backend, manufacturing system, gateway, or commissioning tool should own device creation, key derivation, credential handling, and persistence of returned identifiers.
The console helps with adjacent setup and operations: create boards, create networks, inspect devices after they exist, generate MQTT tokens, dispatch test commands, and review state. Do not use the console as the primary system of record for high-volume provisioning.
Console-Assisted Setup
Before automating device registration, you can use the console to prepare or verify shared resources:
- Open Infuse IoT > API Access and confirm the linked Infuse IoT organisation ID.
- Open Boards and create the board profile if it does not already exist.
- Open Networks and create the network if your deployment model requires one.
- Use the API-led provisioning flow to create devices and derive key material.
- Return to Devices to confirm the device appears and starts reporting state.
Provisioning Flow
- Resolve or create the owning organisation with
GET /organisationorPOST /organisation. - Resolve or create the board profile with
GET /boardorPOST /board. - Resolve or create a network with
GET /networkorPOST /networkif your deployment model uses networks. - Create the device with
POST /device, includingmcuId,boardId,organisationId, and any metadata you need for reconciliation. - Fetch the cloud public key with
GET /key/publicKey. - Generate shared or derived device key material with
/key/sharedSecretand/key/derived/device. - Generate an organisation-scoped MQTT token with
POST /mqtt/tokenwhen your device or broker integration needs MQTT access. - Confirm the device can communicate by reading state or last-route data.
Key Workflows
Infuse-IoT Cloud exposes key endpoints for secure provisioning and device communication:
| Task | Endpoint |
|---|---|
| Fetch current cloud public key | GET /key/publicKey |
| Generate a shared secret from a device public key | POST /key/sharedSecret |
| Derive a device encryption key | POST /key/derived/device |
Keep key derivation and secret handling inside trusted backend or manufacturing systems. Device-specific credentials should be rotated if a device is replaced, reassigned, or exposed.
Connectivity Credentials
Use POST /mqtt/token or Infuse IoT > API Access to issue a short-lived MQTT token scoped to the linked Infuse IoT organisation. The response includes the token, issue time, and expiry time.
MQTT tokens are not a replacement for long-term credential management. Issue them from a trusted backend for production integrations and respect the expiry time in device or gateway code.
Related Endpoints
| Group | Endpoint |
|---|---|
| Organisations | GET /organisation, POST /organisation, GET /organisation/id/{id}, GET /organisation/name/{name} |
| Boards | GET /board, POST /board, GET /board/id/{id} |
| Networks | GET /network, POST /network |
| Devices | POST /device, GET /device/deviceId/{deviceId}, GET /device/id/{id} |
| Keys | GET /key/publicKey, POST /key/sharedSecret, POST /key/derived/device |
| MQTT | POST /mqtt/token |
For a full sequence, see Connect an IoT Device.