Which is the secure way of reading the data from the Azure IoT hub? - azure

I am working on the Internet of Things. In one of my current projects I am reading data from Azure IoT Hub in a Windows 10 UWP app, where I pass my IoT Hub connection string to Azure while reading data (using the Cloud to Device concept).
Is this a secure/fine way of reading data from a client app or not?
Thanks,
Pradeep

Yes. The library uses HTTPS, however the contents of the message are not encrypted, so if you're super-sceptical, just encrypt them before sending.

Related

How to Authenticate IoT Central devices with other Azure services? (example: download OTA bin)

In the reference architectures for IOT Hub\Central you can easily see how the SAS or X509 Cert is used for device authentication. As an example, look at this MXChip OTA Example. (my notes in pink)
Reference Article: Azure MXChip IoT DevKit Firmware OTA (Over-the-Air)
When we extend out to other Azure Services, can you leverage this authentication for other actions such as downloading files for OTA?
The only approach I can come up with is either:
a) have the download endpoint be secure through obscurity (not great).
b) introduce a shim service and implement an additional authentication layer there.
A seems bad. B seems like a waste. I feel like I'm missing an option C or lack the right info on the Azure-way for this one.
Thanks!

The following are the steps for a device to download a file from the Azure Storage blob container using the IoT Central App:
1. Configure your IoT Central App for Device file upload.
2. Upload the requested blob to the configured storage blob container so that the device can download it (in my example: container=iotc, deviceId=device123, blobname=test.json).
3. Generate a device connection string, hostname and sasToken for your IoT Central App, see more implementation details here.
4. Based on the response from step 3, use the REST POST request to the underlying IoT Hub of your IoT Central App for specific blob references, such as:
{
  "correlationId":"****",
  "hostName":"****.blob.core.windows.net",
  "containerName":"iotc",
  "blobName":"device123/test.json",
  "sasToken":"?sv=2018-03-28&sr=b&sig=****&se=2021-01-20T10%3A26%3A59Z&sp=rw"
}
5. Based on the response from step 4, download the blob using the REST GET request, see the following example:
https://****.blob.core.windows.net/iotc/device123/test.json?sv=2018-03-28&sr=b&sig=****&se=2021-01-20T10%3A26%3A59Z&sp=rw
6. Notify the underlying IoT Hub of your IoT Central App that the device ended the download process, see the REST POST request. Note that you will have received the correlationId in step 4.
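
An added example, not part of the answer above: it assembles the step 5 download URL from a step 4 style response and reviews the SAS parameters (expiry `se`, scope `sr`, permissions `sp`) before the device fetches anything. The sample response, the host name `examplestore` and the device-prefix check are constructed assumptions modelled on the values shown in the steps.

```python
from datetime import datetime, timezone
from urllib.parse import parse_qs, quote

# Constructed sample shaped like the step 4 response; host and sig are made up.
SAMPLE = {
    "correlationId": "constructed-correlation-id",
    "hostName": "examplestore.blob.core.windows.net",
    "containerName": "iotc",
    "blobName": "device123/test.json",
    "sasToken": "?sv=2018-03-28&sr=b&sig=CONSTRUCTED&se=2021-01-20T10%3A26%3A59Z&sp=rw",
}


def blob_url(resp):
    """Step 5 URL: https://<hostName>/<containerName>/<blobName><sasToken>."""
    path = quote(f"{resp['containerName']}/{resp['blobName']}")
    return f"https://{resp['hostName']}/{path}{resp['sasToken']}"


def review_sas(resp, device_id, now):
    """Return findings a device should act on before fetching the blob."""
    q = parse_qs(resp["sasToken"].lstrip("?"))
    expiry = datetime.strptime(q["se"][0], "%Y-%m-%dT%H:%M:%SZ")
    expiry = expiry.replace(tzinfo=timezone.utc)
    findings = []
    if expiry <= now:
        findings.append("token expired")
    if q.get("sr", [""])[0] != "b":
        findings.append("token is not scoped to a single blob")
    if "w" in q.get("sp", [""])[0]:
        findings.append("token also grants write")
    if not resp["blobName"].startswith(device_id + "/"):
        findings.append("blob is outside this device's prefix")
    if not resp["hostName"].endswith(".blob.core.windows.net"):
        findings.append("unexpected storage host")
    return findings


if __name__ == "__main__":
    now = datetime(2021, 1, 20, 10, 0, tzinfo=timezone.utc)
    print(blob_url(SAMPLE))
    print(review_sas(SAMPLE, "device123", now))
```

With the `sp=rw` token from the steps, the review reports that the token also grants write, which matters when the blob being fetched is firmware.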

With regard to my original question about using the authenticated device session to access other Azure services, both in general and specifically for the purpose of downloading files for OTA: this is not possible.
You either need to implement an additional authentication mechanism and your own service, use the service-specific SDK in your application or, for the case of Blob Storage with firmware updates, use a publicly available download point.
Note: The answer from Roman shows how to upload and access an uploaded file. It may help some who will end up here.

How to send events to a device in Azure IoT Hub using shared key for authentication

Is there a way to send data to a device in Azure IoT Hub using a shared key without first generating a SAS token? The reason I am trying to do this is because I want to send events via a web hook without writing code for it. The device is connected to our system and we're trying to use our web hooks functionality which can relay an event to a HTTP endpoint with preconfigured headers and format but it can't execute the code to get a temporary SAS token.
Alternatively can I make a SAS token that never expires?

Ended up using Azure IoT Central + the Azure IoT Central Bridge. The IoT Bridge is an Azure function where you put some JS code to convert your message to a format that IoT Central understands and then it deals with the tokens and eventual device registration. This is not an exact answer to the question since IoT Central is not exactly IoT Hub (it is a portal over it) but it turns out it works well enough for our case. Also I think the codebase of the IoT Bridge can be used with the IoT Hub if one wants to dig enough through it. Maybe this solution can serve someone else.

Receiving D2C messages from an IoT Hub in browser

I am working on a simple dashboard for showing IoT data in a browser.
So far, I was using the Paho MQTT client library and a public MQTT broker to receive data. However, I'd like to use the Azure IoT Hub from now on.
The data I'm sending is just simple temperature and humidity values.
I already found out that I can't connect to the IoT Hub via MQTT. So my question is:
Is there a possibility to connect (eg. using javascript) directly to IoT Hub and read the data?
If not, what's my best option?
I thought about saving the messages to an SQL Database and reading from that, but that seems quite complicated for what should be a simple IoT use case (showing real-time data)
Thank you in advance!

You can connect to IoT Hub via MQTT. Please take a look at this documentation for detail. We also have a Node.js SDK for connecting to IoT Hub if you don't want to deal with MQTT directly. I know you are working on your own dashboard, but have you looked at Azure IoT Solutions Accelerator? It's completely open source and you can modify it as you want.

Connect to Azure MQTT using SIM808

I want to send SIM808 GPS data to the Azure IoT hub using MQTT.
As mentioned in the Azure docs, I have used the same parameters.
https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-mqtt-support#using-the-mqtt-protocol-directly
But it doesn't work. It did not publish.
Can we connect to Azure MQTT using a username and password without attaching a certificate? If not,
how do we create the certificate?
How to send SIM808 data to the Azure IoT hub using MQTT?
Suggest me a way to do it with an example.
Thanks!!!

Yes, you can do it. You can use tokens.
As the simplest alternative you may also use flespi telematics hub to reach the same goal. Your device can send messages via HTTP or MQTT to a flespi channel. And flespi will stream processed information to MS Azure and/or AWS in their specific protocols.
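
The tokens mentioned in the answer above are IoT Hub SAS tokens, which is also what the earlier question about token expiry concerns. As an added example (not from any of the posts), this derives a device-scoped SAS token and the MQTT connection fields in the format described in the linked MQTT documentation; the hub name, device ID, key and `api-version` value are constructed or assumed.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import parse_qs, quote_plus

API_VERSION = "2021-04-12"  # assumption: value shown in the linked MQTT doc


def _sign(resource_uri, key_b64, expiry):
    # String to sign: URL-encoded resource URI, newline, expiry in epoch seconds.
    to_sign = f"{quote_plus(resource_uri)}\n{expiry}".encode()
    mac = hmac.new(base64.b64decode(key_b64), to_sign, hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()


def device_sas_token(hub_host, device_id, key_b64, ttl_s=3600, now=None):
    """Token scoped to one device and signed with that device's own key."""
    expiry = int(time.time() if now is None else now) + ttl_s
    resource_uri = f"{hub_host}/devices/{device_id}"
    sig = _sign(resource_uri, key_b64, expiry)
    return (f"SharedAccessSignature sr={quote_plus(resource_uri)}"
            f"&sig={quote_plus(sig)}&se={expiry}")


def mqtt_connect_fields(hub_host, device_id, token):
    """MQTT settings: TLS on port 8883, SAS token as password, no client cert."""
    return {
        "host": hub_host, "port": 8883, "client_id": device_id,
        "username": f"{hub_host}/{device_id}/?api-version={API_VERSION}",
        "password": token,
        "publish_topic": f"devices/{device_id}/messages/events/",
    }


def token_is_valid(token, key_b64, now):
    """Local re-check of signature and expiry, e.g. before reusing a cached token."""
    fields = parse_qs(token.split(" ", 1)[1])
    sr, sig, se = fields["sr"][0], fields["sig"][0], int(fields["se"][0])
    return se > now and hmac.compare_digest(sig, _sign(sr, key_b64, se))


if __name__ == "__main__":
    key = base64.b64encode(b"constructed-demo-key").decode()  # not a real key
    tok = device_sas_token("myhub.azure-devices.net", "sim808-01", key, ttl_s=600)
    print(mqtt_connect_fields("myhub.azure-devices.net", "sim808-01", tok))
```

Because the token is signed with the per-device key and scoped to `devices/<id>`, a leaked token exposes one device until `se` passes, which is the trade-off to weigh when choosing the lifetime.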

Creating a workflow for an IoT project

I was using ThingSpeak for an IoT project. I've decided to move on with Azure IoT. My project consists of Raspberry Pi 3s sending data to an IoT platform using the MQTT protocol, which will be displayed in a mobile app.
While using ThingSpeak, things were easier. I was sending data to the IoT platform, ThingSpeak was storing it without me configuring almost anything, and the mobile app that I wrote was sending HTTP requests to the IoT platform at an interval. Then, I was parsing the JSON response in the mobile app to display important values in real time.
So far I've managed to send data to IoT Hub using the Azure IoT C SDK. However, I am very confused about how I am going to implement this on Azure IoT and what my workflow should be like.

Azure IoT Hub ingests data from your devices into the cloud and then delivers that data to other destinations for storage or processing. By default, IoT Hub delivers data from devices to an Event Hubs-compatible endpoint (these Quickstarts illustrate this process: https://learn.microsoft.com/azure/iot-hub/quickstart-send-telemetry-node). IoT Hub can also use routing rules to send data to other locations, such as storage or a Service Bus queue. The following tutorial illustrates these options for you: https://learn.microsoft.com/azure/iot-hub/tutorial-routing.
