IoT-Connector (Aka. Product) Management Page
This reference manual breaks down each page of Murano's device connectivity feature set and provides descriptions of each component's functionality. All device connectivity offerings are located within the realm of your IoT-Connector Solution page.
The Murano management for IoT-Connectors is similar as the one for Murano Applications as both shared the same structure of script & events called Murano Solution. Look on the solution development page to learn more about Services, Endpoints, Modules, End-Users or Web-Assets.
Table of Contents
- Device Product Pages
Device Product Pages
The Devices page is where you will add, list, and manage all your devices (real or simulated). Once you have populated your list of devices, you will have the capability to search, sort, and filter your device list to suit your needs.
When you click the “+ NEW DEVICE(S)” button, you will have the option to add one device or many devices at once. Depending on your account tier, there may be a limit on the number of devices you are able to add.
NOTE: Near the top-left of the screen you will see a button that, when clicked, will copy the App Link to your clipboard. This link is the host name that has been created to receive your devices' outgoing API calls. If devmode is enabled (discussed in the Settings section, below), an additional endpoint is enabled for devices to connect to unsecured on port 80. This unsecured endpoint is nearly identical to the endpoint except
https is changed to
.m2. is changed to
The Resources page is where you may add attributes (or "alias"es) to your devices (e.g., temperature, status, etc.). Resources represent a device's digital twin in the cloud, like a data model shared by all devices. A resource is identified by its alias, and the resource's unit (e.g., °C) can be specified to further clarify the alias's measurement. It is possible to restrict values to ranges (0-100) or to discrete values ("open", "closed", "jammed"). The current resource value for a given device is visible when browsing the device in the project and is accessible to scripts, which can then act on reported values in any number of ways.
When you click "+ NEW RESOURCE", you will be prompted to choose your data format.
- String refers to a unicode sequence of characters.
- Number refers to any positive or negative value.
- Boolean refers to a binary variable (i.e., true or false).
You will also be given the option to "modify this value from the cloud." Leaving this box unchecked will allow only the device itself to write to the alias. Checking this box will allow other applications to modify the value of the resource, depending on the permissions you have put in place.
Limitation: Resources are limited in size to 64Kb each.
Set resource to send data to the device
Typically, devices report values to resources that are "read-only" in the cloud. It is possible to enable writing from the cloud, which can be used to support command-and-control behavior. All resources have a "reported" value which represents the last value written by the device (using the write API). Resources that are cloud-writeable have an additional "set" value assigned when a write occurs from the cloud. The read API will return the "set" value (not the "reported" value) in this case; note, however, that a device write will replace both the "set" and the "reported" value. Devices will use either the read API or the long-polling API to receive control requests and then write appropriate resource updates to reflect its having acted on the request.
Devices are not restricted to write to only defined resources. Devices write to "alias"es which may or may not correspond to defined resources. All device writes are sent to the event handler and can be processed by scripts, but only writes to defined resources will have "reported" values stored, available to devices via "read" and visible when viewing the device online. Additionally, only resources that are cloud-modifiable will have "set" values.
Notes: You can also disable the synchronization for a give resource, if so the Set & Reported will always be the same.
The Content page serves as a file store that your devices can access and utilize through the API. Click “+ NEW CONTENT” and follow the prompts to upload your files. Each content item has an ID, a MIME type, a size (in bytes), and a timestamp. Devices may list available content, get content info, and download content using the HTTP Device API.
There is no restriction as to the kind of content that can be made available to devices. Files can contain anything from audio/video content to config data, but the typical use case is to store firmware updates. For content that gets updated over time, such as with new firmware versions, it is recommended to include in the ID some kind of version tag. Whether this approach is taken or the content is updated in place and a timestamp is used to differentiate, devices will need a means to know which version they are at. Exosite recommends storing this information in a Resource. Additionally, if the resource is cloud-modifiable, the device can be notified when new firmware is available.
Note: Content items must be less than 64 MB in size.
The Logs page is where you may access a connection log of each device’s meta data and a "live" view that displays events associated with a product's API endpoint that came in while the Murano product UI was running.
The Settings page allows you to configure the
Public Key Infrastructure settings to control what protocol the devices will use to communicate with Murano, how they identify themselves and how they authenticate.
Determine how your devices communicate with the platform.
NOTE: Enabling the "Enable Developer Mode" checkbox allows unsecured HTTP communications on port 80. Unsecured HTTP communications can be read by third parties who are able to intercept the communications, thereby potentially exposing sensitive information. Although this setting can be useful during certain stages of device development, or in unique payload-level-encrypted systems, it should not typically be enabled.
Device Identity Format
NOTE: Devices that attempt to connect that do not match this format will be ignored for security reasons.
Determine what devices can connect and from where. For documentation on how to manage your identities via API and a tutorial for how to integrate your identity management system, see our documentation.
- Token: Selecting the
Tokenoption enables a character string for the authorization of your devices communication with Murano.
- TLS Client Certificate: Selecting the
TLS Client Certificateoption enables authentication and identification of devices via parameters of the client certificate to communicate with Murano.
- Password: Selecting the
Passwordoption enables the user using username and password for the authorization of your devices' communication with Murano.
- Client Interface Key (CIK): Selecting the
Client Interface Keyoption enables a character string for the authorization of your devices communication with Murano. (Only for HTTP Device API)
NOTE: When provisioning a device, the device may present its own identity (assuming "Allow devices to register their own identity" is selected). Such devices will have an identity (such as a MAC address) that must match the specified format. It is possible for illegitimate devices to successfully provision; presented identity provides a slightly greater barrier due to its identity format validation. It is also possible to further restrict provisioning to only those devices with particular IP Addresses.
Public Key Infrastructure
A Public Key Infrastructure is a set of roles, policies, and procedures needed to create, manage, distribute, use store, and revoke digital certificates and manage public-key encryption, see our documentation.
NOTE: This only for
TLS Client Certificate Authentication.