Sidebar navigationMain contentFooter
Contribute on Github

How to enable device auto-provisioning

Reviewed on 16 October 2023Published on 01 September 2019

Enabling device auto-provisioning will automatically create missing devices in your hub when they supply valid TLS information. The certificate chain will be verified against the custom certificate authority of the target hub. If there is no device having the same name as the device certificate Common Name (CN), a device with that CN will be created on this hub.

This enables industrial use cases, where the secure element provider issues certificates itself on its production lanes, and burns them directly into the chips. The secure element provider will use intermediate certificates signed by a certificate authority, which together with the generated certificate will create a full TLS certificate chain. After installing the Certificate Authority in a hub and enabling device auto-provisioning, the previously unseen device will be able to connect to the hub without having to manually provision it. In this use case, the common name of the generated certificate will be the serial number of the secure element.

Created devices have the following properties:

  • Name: Equal to the Common Name of the device certificate.
  • Description: A message that states the IP address that provisioned the device.
  • Message filters: None, all messages & subscriptions allowed.
  • Allow insecure: False. As the security relies on the use of mTLS, it is not possible to connect with this device using insecure connections.
  • Allow multiple connections: False. The certificate should represent a unique physical device.
Security & Identity (IAM)

To perform certain actions described below, you must either be the Owner of the Organization in which the actions will be performed, or an IAM user with the necessary permissions.

  • You have an account and are logged into the Scaleway console
  • You have created an IoT Hub
  • You have created a custom certificate authority
  1. Click IoT Hub in the Managed Services section of the side menu. A list of your IoT Hubs displays.

  2. Click on the hub on which to enable the device auto-provisioning.

  3. Scroll down to the Device Auto-Provisioning panel and slide the «Toogle Icon» toggle to Enabled.

    When auto-provisioning is enabled, IoT Hub will try to add new devices upon first connection. A Hub Event will be raised upon success or failure.

See also
How to view metricsHow to change the product plan
Cloud Products & Resources
  • Scaleway Console
  • Compute
  • Storage
  • Network
  • IoT
  • AI
Dedicated Products & Resources
  • Dedibox Console
  • Dedibox Servers
  • Network
  • Web Hosting
  • Blog
  • Careers
  • Scaleway Learning
Scaleway Docs
Follow us
ContractsLegal NoticePrivacy PolicyCookie PolicyDocumentation license
© 1999-2024 – Scaleway SAS