Establishing HTTP-based Connection


This section describes the process of establishing the HTTP protocol-based connection.

Basic Process

When a device is connected over HTTP, device authentication is needed to obtain the device session ID, which will be used later for the reporting of measurement point data.

Device Authentication

Request Sample

POST /auth/{ProductKey}/{DeviceKey}
Host: {HTTP-Broker-URL}
Content-Type: application/json
body: {
    "signMethod":"sha256",
    "sign":"bd931ad96c9977af9aae01f17efd30e609a0fe5ed3358f7ca4a9e6a51482160b",
    "lifetime":300000
}
Parameter Description

Parameter

Description

POST

The request method. Only supports POST.

/auth/{ProductKey}/{DeviceKey}

The URL used for authentication. {ProductKey} and {DeviceKey} are the product key and device key of the device respectively. You can obtain the two keys by logging in to EnOS Management Console and navigating to Device Management > Device Assets. For more details, see Retrieving the Device Triple Information.

Host: {HTTP-Broker-URL}

The HTTP Broker URL. For information about the HTTP broker URL of your EnOS instance, log in to EnOS Management Console and select Help > Environment Information.

Content-Type: application/json

The encoding format of the uplink data sent by the device to EnOS. It should be application/json during device authentication.

body: {“signMethod”:”sha256”, “sign”:”bd931ad96c9977af9aae01f17efd30e609a0fe5ed3358f7ca4a9e6a51482160b”, “lifetime”:”300000”}

The device authentication-related information in JSON format. See the table below for the parameter descriptions.


Device Authentication Parameter Description

Parameter

Mandatory/Optional

Description

signMethod

Mandatory

The signature algorithm. Only supports sha256.

lifetime

Mandatory

The time used to determine the state of the device, calculated in ms. It is 300000 ms (5 min.) by default. If the device does not report data to EnOS within the time length specified by lifetime, the device will need to be re-authenticated to obtain a new session ID.

sign

Mandatory

The device signature. See the below on how to form the signature.

Device Signature Computing Method

  1. Generate a string for the device signature by concatenating the following fields and their values according the order listed below.

    • deviceKey: The device key of the device.

    • lifetime: The time used to determine the state of the device.

    • productKey: The product key of the device.

    • method: The signature algorithm, with the value sha256.


    For example, with the following device parameter values:

    • deviceKey=dK987654

    • lifetime=300000

    • productKey=pK11111

    • signMethod=sha256


    The concatenated string will be: deviceKeydK987654lifetime300000productKeypK11111signMethodsha256


  2. Append the device secret of the device to the end of the concatenated string. You can obtain the device secret by logging in to EnOS Management Console and navigating to Device Management > Device Assets.


    For example, with the device secret being ds54321, the new concatenated string will be: deviceKeydK987654lifetime300000productKeypK11111signMethodsha256ds54321


  3. Use the SHA256 algorithm to encrypt the string, and convert the string to uppercase to get sign.

    In the above instance, the calculation method for sign can be expressed by the following expression: sign=toUpperCase(SHA256(deviceKeydK987654lifetime300000productKeypK11111signMethodsha256ds54321))

Note

When appending the device secret to the end of the string in Step 2, do not add the parameter name deviceSecret.

Return Sample

body:
{
  "code": 200,
  "msg": "success",
  "data": {
     "sessionId": "262dc4cb-dc31-4610-b5e5-417b93e4f008"
   }
}

Note

  • The returned sessionId needs to be cached locally as it is needed every time when you report data.

  • If the sessionId verification fails, the device needs to be re-authenticated to obtain a new sessionId.

Error code

Error code

Message

Description

400

Bad Request

The request parameters contain errors.

401

Unauthorized

The device authentication failed.

500

Internal Server Error

Internal server error.