Infuse IoT

Provisioning

Register devices, derive provisioning keys, and issue connectivity credentials.

Provisioning connects a physical or logical device to Infuse IoT so it can authenticate and communicate with the platform.

Current Infuse IoT provisioning is API-led. Your backend should own the workflow, keep admin credentials server-side, and persist the returned device identifiers and provisioning material in your own secure systems.

Infuse IoT currently uses the legacy organisation-level admin token flow described in API Tokens. Do not expose Infuse IoT admin credentials in browsers, mobile apps, firmware repositories, or customer-visible examples.

Provisioning Flow

  1. Resolve or create the owning organisation with GET /organisation or POST /organisation.
  2. Resolve or create the board profile with GET /board or POST /board.
  3. Resolve or create a network with GET /network or POST /network if your deployment model uses networks.
  4. Create the device with POST /device, including mcuId, boardId, organisationId, and any metadata you need for reconciliation.
  5. Fetch the cloud public key with GET /key/publicKey.
  6. Generate shared or derived device key material with POST /key/sharedSecret and POST /key/derived/device.
  7. Generate an organisation-scoped MQTT token with POST /mqtt/token when your device or broker integration needs MQTT access.
  8. Confirm the device can communicate by reading state or last-route data.

Key Workflows

Infuse IoT exposes key endpoints for secure provisioning and device communication:

| Task | Endpoint |
| --- | --- |
| Fetch current cloud public key | GET /key/publicKey |
| Generate a shared secret from a device public key | POST /key/sharedSecret |
| Derive a device encryption key | POST /key/derived/device |

Keep key derivation and secret handling inside trusted backend or manufacturing systems. Device-specific credentials should be rotated if a device is replaced, reassigned, or exposed.

Connectivity Credentials

Use POST /mqtt/token to issue a short-lived MQTT token scoped to an organisation. The request includes organisationId and ttlSeconds; the response includes the token, issue time, and expiry time.

MQTT tokens are not a replacement for long-term credential management. Issue them from a trusted backend and respect the expiry time in device or gateway code.
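
One way a trusted backend or gateway could honour the expiry time is sketched below. This is an added example, not Infuse IoT code. The response field names (`token`, `issuedAt`, `expiresAt`), epoch-second timestamps, the `MqttTokenCache` class and the injected `issue` callable (which stands in for the server-side POST /mqtt/token call) are assumptions; only `organisationId` and `ttlSeconds` come from the page.

```python
import time
from dataclasses import dataclass
from typing import Callable, Optional

# Assumed response field names: the page only says the response carries
# the token, its issue time and its expiry time.
TOKEN_FIELD, ISSUED_FIELD, EXPIRES_FIELD = "token", "issuedAt", "expiresAt"


@dataclass
class MqttToken:
    value: str
    issued_at: float   # epoch seconds (assumed representation)
    expires_at: float  # epoch seconds (assumed representation)


class MqttTokenCache:
    """Caches one organisation-scoped MQTT token and renews it before expiry."""

    def __init__(self, issue: Callable[[dict], dict], organisation_id: str,
                 ttl_seconds: int = 900, refresh_margin: float = 60.0,
                 clock: Callable[[], float] = time.time):
        if refresh_margin >= ttl_seconds:
            raise ValueError("refresh_margin must be shorter than ttl_seconds")
        self._issue = issue  # hypothetical hook: performs POST /mqtt/token server-side
        self._request = {"organisationId": organisation_id, "ttlSeconds": ttl_seconds}
        self._margin = refresh_margin  # renew early to absorb clock skew and latency
        self._clock = clock
        self._token: Optional[MqttToken] = None

    def _usable(self, now: float) -> bool:
        return self._token is not None and now < self._token.expires_at - self._margin

    def get(self) -> str:
        """Return a token that is still inside its validity window."""
        now = self._clock()
        if not self._usable(now):
            body = self._issue(dict(self._request))
            token = MqttToken(body[TOKEN_FIELD], float(body[ISSUED_FIELD]),
                              float(body[EXPIRES_FIELD]))
            # Refuse a response that is already expired or inconsistent
            # instead of connecting with it.
            if token.expires_at <= now or token.expires_at <= token.issued_at:
                raise ValueError("issuer returned an expired or malformed token")
            self._token = token
        return self._token.value
```

Because the admin-authenticated call lives behind `issue`, the cache can run in a gateway process without ever holding the admin token itself.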

| Group | Endpoint |
| --- | --- |
| Organisations | GET /organisation, POST /organisation, GET /organisation/id/{id}, GET /organisation/name/{name} |
| Boards | GET /board, POST /board, GET /board/id/{id} |
| Networks | GET /network, POST /network |
| Devices | POST /device, GET /device/deviceId/{deviceId}, GET /device/id/{id} |
| Keys | GET /key/publicKey, POST /key/sharedSecret, POST /key/derived/device |
| MQTT | POST /mqtt/token |

For a full sequence, see Connect an IoT Device.