IoT-Connector (Aka. Product) Management Page

This reference manual breaks down each page of Murano's device connectivity feature set and provides descriptions of each component's functionality. All device connectivity offerings are located within the realm of your IoT-Connector Solution page.

The Murano management for IoT-Connectors is similar as the one for Murano Applications as both shared the same structure of script & events called Murano Solution. Look on the solution development page to learn more about Services, Endpoints, Modules, End-Users or Web-Assets.

Table of Contents


Device Product Pages

Devices

Devices tab

The Devices page is where you will add, list, and manage all your devices (real or simulated). Once you have populated your list of devices, you will have the capability to search, sort, and filter your device list to suit your needs.

Devices Empty

When you click the “+ NEW DEVICE(S)” button, you will have the option to add one device or many devices at once. Depending on your account tier, there may be a limit on the number of devices you are able to add.

Add device popup

NOTE: Near the top-left of the screen you will see a button that, when clicked, will copy the App Link to your clipboard. This link is the host name that has been created to receive your devices' outgoing API calls. If devmode is enabled (discussed in the Settings section, below), an additional endpoint is enabled for devices to connect to unsecured on port 80. This unsecured endpoint is nearly identical to the endpoint except https is changed to http and .m2. is changed to .devmode-m2. (e.g. http://09iolmnn8090ol.devmode-m2.exosite.io).

Copy domain


Resources

Resources tab

The Resources page is where you may add attributes (or "alias"es) to your devices (e.g., temperature, status, etc.). Resources represent a device's digital twin in the cloud, like a data model shared by all devices. A resource is identified by its alias, and the resource's unit (e.g., °C) can be specified to further clarify the alias's measurement. It is possible to restrict values to ranges (0-100) or to discrete values ("open", "closed", "jammed"). The current resource value for a given device is visible when browsing the device in the project and is accessible to scripts, which can then act on reported values in any number of ways.

resources list

When you click "+ NEW RESOURCE", you will be prompted to choose your data format.

You will also be given the option to "modify this value from the cloud." Leaving this box unchecked will allow only the device itself to write to the alias. Checking this box will allow other applications to modify the value of the resource, depending on the permissions you have put in place.

resource popup

Limitation: Resources are limited in size to 64Kb each.

Learn more about resources on the Device2 micro-service reference or see the related Quickstart Example.

Set resource to send data to the device

Typically, devices report values to resources that are "read-only" in the cloud. It is possible to enable writing from the cloud, which can be used to support command-and-control behavior. All resources have a "reported" value which represents the last value written by the device (using the write API). Resources that are cloud-writeable have an additional "set" value assigned when a write occurs from the cloud. The read API will return the "set" value (not the "reported" value) in this case; note, however, that a device write will replace both the "set" and the "reported" value. Devices will use either the read API or the long-polling API to receive control requests and then write appropriate resource updates to reflect its having acted on the request.

Devices are not restricted to write to only defined resources. Devices write to "alias"es which may or may not correspond to defined resources. All device writes are sent to the event handler and can be processed by scripts, but only writes to defined resources will have "reported" values stored, available to devices via "read" and visible when viewing the device online. Additionally, only resources that are cloud-modifiable will have "set" values.

Notes: You can also disable the synchronization for a give resource, if so the Set & Reported will always be the same.


Content

Content tab

The Content page serves as a file store that your devices can access and utilize through the API. Click “+ NEW CONTENT” and follow the prompts to upload your files. Each content item has an ID, a MIME type, a size (in bytes), and a timestamp. Devices may list available content, get content info, and download content using the HTTP Device API.

Content

There is no restriction as to the kind of content that can be made available to devices. Files can contain anything from audio/video content to config data, but the typical use case is to store firmware updates. For content that gets updated over time, such as with new firmware versions, it is recommended to include in the ID some kind of version tag. Whether this approach is taken or the content is updated in place and a timestamp is used to differentiate, devices will need a means to know which version they are at. Exosite recommends storing this information in a Resource. Additionally, if the resource is cloud-modifiable, the device can be notified when new firmware is available.

Note: Content items must be less than 64 MB in size.


Logs

Logs tab

The Logs page is where you may access a connection log of each device’s meta data and a "live" view that displays events associated with a product's API endpoint that came in while the Murano product UI was running.

Logs empty


Settings

Settings tab

The Settings page allows you to configure the Protocol, Identity, Provisioning and Public Key Infrastructure settings to control what protocol the devices will use to communicate with Murano, how they identify themselves and how they authenticate.

Settings

Protocol

Determine how your devices communicate with the platform.

NOTE: Enabling the "Enable Developer Mode" checkbox allows unsecured HTTP communications on port 80. Unsecured HTTP communications can be read by third parties who are able to intercept the communications, thereby potentially exposing sensitive information. Although this setting can be useful during certain stages of device development, or in unique payload-level-encrypted systems, it should not typically be enabled.

Settings protocol

Identity

Device Identity Format

NOTE: Devices that attempt to connect that do not match this format will be ignored for security reasons.

Settings provisioning

Provisioning

Determine what devices can connect and from where. For documentation on how to manage your identities via API and a tutorial for how to integrate your identity management system, see our documentation.

Authentication:

NOTE: When provisioning a device, the device may present its own identity (assuming "Allow devices to register their own identity" is selected). Such devices will have an identity (such as a MAC address) that must match the specified format. It is possible for illegitimate devices to successfully provision; presented identity provides a slightly greater barrier due to its identity format validation. It is also possible to further restrict provisioning to only those devices with particular IP Addresses.

Settings Authentication

Public Key Infrastructure

A Public Key Infrastructure is a set of roles, policies, and procedures needed to create, manage, distribute, use store, and revoke digital certificates and manage public-key encryption, see our documentation.

NOTE: This only for TLS Client Certificate Authentication.

Settings PKI