Access Token based authentication is the default device authentication type. The unique access token is generated once the device is created in IoT Hub. It can be changed afterwards. The client must specify the access token as a username in MQTT connect message.
Plain MQTT (without SSL)
Let’s review a simple command to upload temperature readings using Access Token YOUR_ACCESS_TOKEN to Iot Hub. See MQTT API for more details. The command is using plain MQTT without TLS:
1
mosquitto_pub -d -q 1 -h "iothub.magenta.at" -p "1883" -t "v1/devices/me/telemetry" -u "YOUR_ACCESS_TOKEN" -m {"temperature":25}
The above command uses iothub.magenta.at host and 1883 port and requires mosquitto clients library that you can install using the following command: apt-get install mosquitto-clients
MQTTS (MQTT over SSL)
One-way SSL authentication is a standard authentication mode, where your client device verifies the identity of a server using server certificate. IoT Hub Team has already provisioned a valid certificate for Iot Hub.
Please download the CA root certificate using this link and save it to your working directory as “ca-root.pem”.
1
wget https://docs.iothub.magenta.at/docs/paas/user-guide/resources/mqtt-over-ssl/ca-root.pem
Now you may use the ca-root.pem to setup secure connection to Iot Hub and Access Token YOUR_ACCESS_TOKEN to authenticate the device to upload telemetry:
1
mosquitto_pub --cafile ca-root.pem -d -q 1 -h "iothub.magenta.at" -p "8883" -t "v1/devices/me/telemetry" -u "YOUR_ACCESS_TOKEN" -m {"temperature":25}
The above command uses iothub.magenta.at host and 8883 port and requires mosquitto clients library that you can install using the following command: apt-get install mosquitto-clients