Manage Your Device Lifecycle

This guide documents the different stages of a device during its time on the Murano platform.

This includes device provisioning, device distribution, customer experience, claiming a device, transferring device ownership, replacing a device, and device end-of-life.

Device Provisioning Process

The Murano platform uses two security methods to authenticate connections. One method uses an automatically generated pre-shared key, and the other method uses client certificates to establish a secure TLS connection. The following sections walk through the process and features of each method.

Pre-Shared Key

The pre-shared key process has two methods to add identities and authenticate. Users can make a call that will add an identity, ID=12345, and a user generated key, CIK=40 character hex. This adds a device to the platform and adds the authentication in one effort. The other method is to provide the server an identity, and it will generate a key for authentication. In either case, the pre-shared key will exist on the device in non-volatile memory. The devices uses the key, either user-generated or provided, to write data to the cloud and to read data from it.

Data Format

In order for Murano to properly process data, it must first understand some information about the type of data it expects from the device. Murano supports three main data types: integer, float, and string. Each resource within a product has what is called an "alias." An alias is the name describing the resource. For instance, a resource with an alias of "temp", and a format of integer will be expecting data to describe it in the following format: temp=70. The call will be rejected if "temp" is declared equal to a string.


Once a device is provisioned and the data format is defined, the device is prepared for sale to distributors or end users. Murano lets you create a custom API to give access to data and control over a device based on identity. Users can claim their device in a custom application and access the device's data from the custom API. The API uses a Lua scripting environment and gives access to dozens of integrations and core services. These services can be leveraged to allow for maximum flexibility when designing your custom application. After distribution, a device enters standard operating mode. A device will remain this way until deactivation, ideally, but oftentimes devices require maintenance, or debugging, if issues arise.


Use Murano CLI to upload content to the cloud, such as new device firmware, that devices can then access. This capability to update device firmware allows you to change an embedded application after the initial deployment. This lets you fix mistakes, rollout new functionality, and optimize device performance. How to update firmware varies from device to device. Murano provides a flexible platform for providing access to the needed files for your embedded application.

Customer Experience

Customers should be able to simply plug in their device and then access the needed functionality from the custom application. Because the key has been pre-shared, and because the device has authenticated, the customer can simply register with your application. They will then have access to the data and can control the device from the cloud. Murano has been designed to be simple and easy for the end users of your device.