Hello i am trying to fetch devices present/registered at IOTHUB via RESTAPI. But i am confused how to fetch all devices.
I have read the documentation here : IoT Hub Service - Get Devices
But When i send a request i am getting an error
"Message": "ErrorCode:IotHubUnauthorizedAccess;Unauthorized",
"ExceptionMessage": "Tracking ID:a795ee1f7ae04adfa600333e45e9aa09-G:5-TimeStamp:06/29/2020 14:32:56"
Is there any auth token to provide in order to get devices?
So for a quick start on this we can use Postman with Azure IoT Hub Query language..+ SAS token for authorization.
Step 1: Generate the SAS token as said by Matthijs, Also we can quickly make use of Device Explorer tool Or Use this link to find the SetupDeviceExplorer.msi. Copy the generated SAS token fully.
Step 2: Construct the Query body.
the POST query looks like this sample. See Registry Manager - Query Iot Hub
POST
https://IOTHUB.azure-devices.net/devices/query?api-version=2020-03-13
{
"query": "SELECT deviceId FROM devices"
}
Step 3: Authorization use SAS token, and send the request to test it out.
A similar thread answered by RomanKiss can be read from Get all devices from IoT Azure Hub.
Please let us know if you know further help!
You can call the rest API using the Shared Access Signature. To get a valid token, you can use the Azure CLI like so:
az iot hub generate-sas-token -n <IoT hub name> --policy registryRead
This will produce an output like:
{
"sas": "SharedAccessSignature sr=iothubname.azure-devices.net&sig=kPszxZZZZZZZZZZZZZZZZZAhLTILsVpT0tp5sRSWiDZ0%3D&se=1593446477&skn=registryRead"
}
Then you need to use the value of "sas" as your Authorization header when you do your GET request. Curl example:
curl --location --request GET 'https://iothubname.azure-devices.net/devices?api-version=2019-07-01-preview' \
--header 'Authorization: SharedAccessSignature sr=iothubname.azure-devices.net&sig=kPszxZZZZZZZZZZZZZZZZZAhLTILsVpT0tp5sRSWiDZ0%3D&se=1593446477&skn=registryRead'
Related
I am trying to grant access to IoT Hub based on Azure AD. But when I try to get token, it is throwing this error in Postman
####### Update ######
I have already created the Application in Azure AD
The resource field should be the static ID of all IoT Hub service principals. Try this instead of the hostname:
89d10474-74af-4874-99a7-c23c2f643083
Here is another approach:
I tried to reproduce the same in my environment and got the results successfully like below:
I created an Azure AD application like below:
To generate token via Postman, I used the below parameters:
POST https://login.microsoftonline.com/TenantID/oauth2/token
client_id:14ad98e6-8b3d-4774-a2ad-XXXXX
client_secret:XXXXXX
resource:https://iothubs.azure.net
grant_type:client_credentials
Response:
When I decoded the above token, I can see the aud as https://iothubs.azure.net like below:
The 400 Bad request error usually occurs if you have passed any invalid URL while generating the token. Make sure to pass the valid parameters.
Try sending the request again in Postman and check if the access token is generated or not.
Alternatively, you can also replace the resource by 89d10474-74af-4874-99a7-c23c2f643083 as suggested by Matthijs van der Veer like below:
Decoded token Response:
What is the format of the url needed to delete an already registered device in azure IoT hub using device provisioning service...
I read this article but it throws me 404
https://learn.microsoft.com/en-us/rest/api/iot-dps/deletedeviceregistrationstate/deletedeviceregistrationstate
In the request header I added If-Match tag but do I need to add Authorization tag with the SaS token and if I need the SaS token will be the one which I used for registering device using Device Provisioning Service
if I need the SaS token will be the one which I used for registering
device using Device Provisioning Service
There are some steps that you need to follow to generate the access_token that will be used in the Authorization header of the request.
Prerequisites:
Install Python 2.7+
Install Azure CLI 2.0+
Login to CLI
Below are the steps:
Login with Azure CLI
az login
Set Active Subscription
az account set --subscription "your subscription name or id"
Create Service Principal
az ad sp create-for-rbac -n "your service principal name. Can be like 'jongpostman7'"
The output of above command will be something like below image.
Copy this output to a temp location, you will need the values in a minute.
Coming to the Postman request now. You need to first call the AAD Token request whose response will provide you with the access_token. This access token you can use in the DPS delete device request. The AAD request will be like below:-
POST https://login.microsoftonline.com/{{tenantId}}/oauth2/token
Refer image below for the request body.
grant_type is client_credentials
client_id is the appId received in above command output
client_secret is the password received in above command output
tenant_id is the tenant received in above command output
resource is https://management.azure.com/
The response of above request will be like below:-
Now, you have the access_token that can be used in the DPS delete device REST API.
The Authorization header be like below:
Authorization: Bearer <access_token_received_above>
Reference link here.
I'm trying to call the inbuilt azure API by bearer token generation. The bearer token is generated using "https://login.microsoftonline.com/{tenantID}/oauth2/token,"; and using this token, I'm trying to access the get device API from IoT Hub. The headers i am providing for the REST API call are content-type and Authorization(with the bearer token). But it is returning an error message as below:
Message;:;ErrorCode:IotHubUnauthorized;3cc43d2f-def7-4a3e-a2ue-eb367467ab90 is not valid;
Can anyone please help me in solving this?
To connect to your IoT Hub's Service API, you need a shared access token, not an oauth2 token. You can generate the token you need to set in your header through the az cli
az iot hub generate-sas-token -n {iothub_name}
If you like a more visual approach, you can use the Device Explorer. You can simply enter your IoT Hub connection string with service connect or iothubowner right and generate the token.
You can then use the service endpoints of your IoT Hub, here's an example curl request:
curl --request GET \
https://<hub-name>.azure-devices.net/devices?api-version=2018-06-30 \
--header "Authorization: SharedAccessSignature sr=<hub-name>.azure-devices.net&sig=KSobATNRdkFtd999999990v7NYU4hitkTA3ts%3D&se=1626508840&skn=iothubowner"
This is regarding Azure Event hub and I am trying to send data using a POST api call from POSTMAN to my Event hub.
Steps I followed:
Created Event Hub,
Generated SAS send token,
Created Consumer group
Now in postman I am struggling to format the correct headers:
request I send:
POST: https://testeventhu.servicebus.windows.net/myhub
2 headers :
Content-Type : application/atom+xml;type=entry;charset=utf-8
Authorization: SharedAccessSignature sig=kjheh/f6SqR8dIW2nRpGUCHuhdshss2KoCKo7Q6ozmY=&se=1571140739&skn=saspolicy&sr=https://testeventhu.servicebus.windows.net/myhub
and I get the error as 401 MalformedToken: Failed to parse simple web token
What wrong am I doing in here?the refrence used is from https://learn.microsoft.com/en-us/rest/api/eventhub/Send-event?redirectedfrom=MSDN
Thanks in advance
Please follow my steps as below:
1.After you create your eventhub namesapce and eventhub instance in azure portal -> in azure portal, nav to your eventhub namespace -> Shared access policies, click "Add" button to create a sas policy(here, I just select the Send privilege for sending purpose). The screenshot as below:
2.Generate sas token, I create the sas token via powershell as per this link. Here is my powershell code and the returned sas token:
3.In postman:
The request url should like this, remember add messages at the end: https://your_eventhub_namespace.servicebus.windows.net/your_eventhub_instance/messages
The headers:
Authorization : the sas token from step 2
Content-Type: application/atom+xml;type=entry;charset=utf-8
Host(optional): your-eventhub-namespace.servicebus.windows.net
the screenshot as below, you can see the returned status code is 201 created:
And if you don't know how to set the message body, you can see my message in body in postman:
Please feel free to let me know if you still have any issues.
I have an Azure Iot Hub endpoint where I have to send some data (consider small strings). I want to set the speed of sending the data to that url and am using Trickle to achieve that.
I thought
trickle -d 30 -u 30 wget http://armtest1.azure-devices.net
will do the work, but it is showing
failed: Connection refused
Also tried like this:
trickle -d 30 -u 30 wget --user=[myusername] --password=[mypassword] --auth-no-challenge http://armtest1.azure-devices.net
But still getting the same error.
It will be very helpful if you guys kindly point out my mistake and give me a way to achieve this using trickle.
Azure IoT Hub grants access to endpoints by verifying a token against the shared access policies and identity registry security credentials. Azure IoT Hub supports MQTT, AMQP, and HTTPS, these supported protocols transports tokens in different ways.HTTPS implements authentication by including a valid token in the Authorization request header.
If you want to access(send data) to Azure IoT Hub using REST API, an existing device need to be specified.Please try to execute the following command:
trickle -s -d 30 -u 30 \
wget --header="Authorization:<generated SAS token for device>" \
--header="Content-Type:application/json" \
--post-data '<your data in json style>' \
"https://<your-iothub-host>.azure-devices.net/devices/<device id>/messages/events?api-version=2016-02-03"
In the command,something need to be clarified.
generated SAS token for device: you can use Device Explorer to generate the token.Please refer to the step 2 in this article(Sending events to IOT Hub over HTTP via REST).
your data in json style:the data you want to send to IoT Hub. It is in JSON format.
your-iothub-host:You can get the hostname of IoT Hub in Azure Portal.This is the name when you created the IoT Hub.
When you executed the command successfully,there will be a response like:
Connecting to <your-iothub-host>.azure-devices.net (<your-iothub-host>.azure-devices.net)|<ipaddress>|:443... connected.
HTTP request sent, awaiting response... 204 No Content
2018-01-03 22:33:53 (0.00 B/s) - ‘events?api-version=2016-02-03’ saved [0]
and, IoT Hub will receive the message, you can monitor the events through Device Explorer.