Access Token based authentication is the default device authentication type. The unique access token is generated once the device is created in ThingsBoard. It can be changed afterwards. The client must specify the access token as a username in MQTT connect message.
Plain MQTT (without SSL)
Let’s review a simple command to upload temperature readings using Access Token YOUR_ACCESS_TOKEN to ThingsBoard Cloud. See MQTT API for more details. The command is using plain MQTT without TLS:
1
mosquitto_pub -d -q 1 -h "mqtt.thingsboard.cloud" -p "1883" -t "v1/devices/me/telemetry" -u "YOUR_ACCESS_TOKEN" -m {"temperature":25}
The above command uses mqtt.thingsboard.cloud host and 1883 port and requires mosquitto clients library that you can install using the following command: apt-get install mosquitto-clients
MQTTS (MQTT over SSL)
One-way SSL authentication is a standard authentication mode, where your client device verifies the identity of a server using server certificate. ThingsBoard Team has already provisioned a valid certificate for ThingsBoard Cloud.
Please download the CA root certificate using this link and save it to your working directory as “ca-root.pem”.
1
wget https://thingsboard.io/docs/paas/user-guide/resources/mqtt-over-ssl/ca-root.pem
Now you may use the ca-root.pem to setup secure connection to ThingsBoard Cloud and Access Token YOUR_ACCESS_TOKEN to authenticate the device to upload telemetry:
1
mosquitto_pub --cafile ca-root.pem -d -q 1 -h "mqtt.thingsboard.cloud" -p "8883" -t "v1/devices/me/telemetry" -u "YOUR_ACCESS_TOKEN" -m {"temperature":25}
The above command uses mqtt.thingsboard.cloud host and 8883 port and requires mosquitto clients library that you can install using the following command: apt-get install mosquitto-clients