Access Token Based Authentication is the default device authentication type. Once the device is created in Thingsboard, the default access token is generated. It can be changed afterwards. In order to connect the device to a server using Access Token based authentication, the client must specify the access token as part of request URL (for HTTP and CoAP) or as a user name in MQTT connect message. See supported protocols API for more details.
One-way SSL authentication is a standard authentication mode, where your client device verifies identity of server using server certificate. In order to run one-way MQTT SSL, the server certificate chain should be signed by authorized CA or client must import the self-signed server certificate (.cer or .pem) to it’s trust store. Otherwise connection will fail with the ‘Unknown CA’ error.
Example below demonstrates how to connect to Thingsboard MQTT server that uses self-signed certificate. You will need to have public key of server certificate in PEM format. See following instructions for more details on server-side configuration.
Download Python client example one-way-ssl-mqtt-client.py. Specify your access token and path to public key of server certificate.
# Some code omitted client.tls_set(ca_certs="mqttserver.pub.pem", certfile=None, keyfile=None, cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_TLSv1, ciphers=None); client.username_pw_set("TEST_TOKEN") # Some code omitted
Note Script uses 8883 mqtt port and requires paho mqtt library that you can install using following command: pip install paho-mqtt
Run the script:
If everything was configured correctly, the output should be like: