IoT

IoT Gateway examples

The gateway examples demonstrate how to:

These examples assume that you have downloaded the example repository and that the iot-edge directory is your current directory.

Authenticate the gateway after manual registration

This example starts the gateway, and authenticates it. The gateway must have an asymmetric key pair for signing. This is provided in the /path/to/iot-edge/examples/resources directory. The source code for this example is in /path/to/iot-edge/cmd/gateway/main.go.

Before you run the example:

  • Register the gateway manually (using manual-gateway as the ID)

  • In the auth-tree, make sure that the Authenticate Thing node has the following configuration:

    • JWT Authentication Method : Proof of Possession

    • Issue Restricted Token enabled


  1. Start the gateway:

    cd /path/to/iot-edge
    ./run.sh gateway \
    --name "manual-gateway" \
    --url "http://am.localtest.me:8080/openam" \
    --audience "/" \
    --realm "/" \
    --tree "auth-tree" \
    --kid "cbnztC8J_l2feNf0aTFBDDQJuvrd2JbLPoOAxHR2N8o=" \
    --key "$(pwd)/examples/resources/eckey1.key.pem" \
    --address ":5683" \
    --debug
    commandline options
      url: http://am.localtest.me:8080/openam
      realm: /
      tree: auth-tree
      name: manual-gateway
      address: :5683
      key: /path/to/iot-edge/examples/resources/eckey1.key.pem
      kid: cbnztC8J_l2feNf0aTFBDDQJuvrd2JbLPoOAxHR2N8o=
      certificate:
      timeout 5s
      debug: true
    IoT Gateway server started.

    The gateway is now started and has authenticated itself to AM.

  2. In a separate terminal window, connect a thing to the gateway.

  3. To stop the gateway process, press Ctrl+C in the terminal window where the process is running.

Authenticate the gateway with dynamic registration

This example registers an identity for the gateway, then starts the gateway, and authenticates it. The gateway must have an asymmetric key pair for signing, and a CA-signed X.509 certificate that contains the key pair’s public key. This is provided in the /path/to/iot-edge/examples/resources directory. The source code for this example is in /path/to/iot-edge/cmd/gateway/main.go:

  1. Start the gateway:

    cd /path/to/iot-edge
    ./run.sh gateway \
    --name "dynamic-gateway" \
    --url "http://am.localtest.me:8080/openam" \
    --audience "/" \
    --realm "/" \
    --tree "auth-reg-tree" \
    --key "$(pwd)/examples/resources/eckey1.key.pem" \
    --cert "$(pwd)/examples/resources/dynamic-gateway.cert.pem" \
    --address ":5683" \
    --debug
    commandline options
    	url: http://am.localtest.me:8080/openam
    	realm: /
    	tree: reg-tree
    	name: dynamic-gateway
    	address: :5683
    	key: /path/to/iot-edge/examples/resources/eckey1.key.pem
    	kid:
    	certificate: /path/to/iot-edge/examples/resources/dynamic-gateway.cert.pem
    	timeout 5s
    	debug: true
    IoT Gateway server started.

    The gateway is now registered, with the ID dynamic-gateway, and has started and authenticated itself to AM.

  2. In a separate terminal window, connect a thing to the gateway.

  3. To stop the gateway process, press Ctrl+C in the terminal window where the process is running.

Connect a thing to the gateway

This example connects a thing to the gateway. When the thing has connected, it can authenticate to AM and request an access token. The source code for this example is in /path/to/iot-edge/examples/thing/manual-registration/main.go.

Before you run the example, register the thing manually (using manual-thing as the thing’s ID). Then, run the thing/manual-registration example to connect the thing to the gateway:

cd /path/to/iot-edge
./run.sh example "thing/manual-registration" \
-name "gateway-thing" \
-url "coap://:5683"
Creating Thing manual-thing…​ Done
Requesting access token…​ RequestAccessToken response:  {
    "access_token":"vHJDYCBkOjih90PWGAw0KcsCzpU",
    "scope":"publish",
    "token_type":"Bearer",
    "expires_in":3599
}
Done
Access token: vHJDYCBkOjih90PWGAw0KcsCzpU
Expires in: 3599
Scope(s): [publish]
Copyright © 2010-2022 ForgeRock, all rights reserved.