Fetches the credentials of the originator device and adds them to the message data or metadata.
Configuration
The node has a single configuration option to determine where the fetched credentials should be placed.
- Fetch credentials to - Determines the destination for the new credential fields.
- Message: Adds the fetched credentials to the message data. The message data must be a JSON object.
- Metadata: Adds the fetched credentials to the message metadata.
JSON Schema
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "TbFetchDeviceCredentialsNodeConfiguration",
"type": "object",
"properties": {
"fetchTo": {
"type": "string",
"enum": [
"DATA",
"METADATA"
],
"description": "Destination for the fetched credentials (message data or metadata)."
}
},
"required": [
"fetchTo"
],
"additionalProperties": false
}
Message processing algorithm
- The node first checks if the message originator is a
DEVICE
. If the originator is of any other type (e.g.,ASSET
,CUSTOMER
), the message is passed to theFailure
connection. - It then asynchronously fetches the credentials for the originator device from the database. If credentials are not found, the message is also passed to the
Failure
connection. - If credentials are found, the node prepares to add two new fields:
credentialsType
: The type of the credentials (e.g.,ACCESS_TOKEN
,X509_CERTIFICATE
,MQTT_BASIC
).credentials
: The value of the credentials. The format of this field depends on the destination:- When adding to Message, the
credentials
field will be a JSON object for complex credentials (like MQTT Basic) or a simple string for others (like Access Token). - When adding to Metadata, the
credentials
value is always a string. For complex credentials, this will be a stringified JSON object.
- When adding to Message, the
- Based on the Fetch credentials to setting, the node adds the
credentialsType
andcredentials
key-value pairs to either the message data or metadata. - The enriched message is forwarded via the
Success
connection. If an error occurs (e.g., originator is not a device, or trying to add to a non-JSON message body), the original message is routed to theFailure
connection.
Output connections
Success
:- The device credentials were successfully fetched and added to the message.
Failure
:- The message originator is not a
DEVICE
. - Credentials for the originator device could not be found.
- Fetch credentials to is set to Message, but the message data is not a valid JSON object.
- The message originator is not a
Examples
Example 1 — Adding device access token to metadata
Incoming message
Metadata:
1
2
3
4
{
"deviceName": "SmartMeter-001",
"deviceType": "SmartMeter"
}
Originator: The originator is a device with Access Token credentials (sm001_token_123
).
Node configuration
1
2
3
{
"fetchTo": "METADATA"
}
Outgoing message
The message is sent via the Success
connection with updated metadata.
Metadata:
1
2
3
4
5
6
{
"deviceName": "SmartMeter-001",
"deviceType": "SmartMeter",
"credentialsType": "ACCESS_TOKEN",
"credentials": "sm001_token_123"
}
Explanation: The node fetched originator’s credentials, and added the credentialsType
and credentials
to the message metadata. The credentials
is a string containing
device access token.
Example 2 — Adding MQTT credentials to metadata
Incoming message
Data:
1
2
3
4
{
"deviceName": "SmartMeter-001",
"deviceType": "SmartMeter"
}
Originator: The originator is a device with MQTT Basic credentials ("{"clientId":"clientId123","userName":"username","password":"password"}"
).
Node configuration
1
2
3
{
"fetchTo": "METADATA"
}
Outgoing message
The message is sent via the Success
connection with an updated metadata.
Metadata:
1
2
3
4
5
6
{
"deviceName": "SmartMeter-001",
"deviceType": "SmartMeter",
"credentialsType": "MQTT_BASIC",
"credentials": "{\"clientId\":\"clientId123\",\"userName\":\"username\",\"password\":\"password123\"}"
}
Explanation: The node fetched the MQTT basic credentials for the device and added them to the message metadata. The credentials
field is a stringified JSON object containing
the credentials.
Example 3 — Adding X.509 credentials to metadata
Incoming message
Metadata:
1
2
3
4
{
"deviceName": "SmartMeter-001",
"deviceType": "SmartMeter"
}
Originator: The originator is a device with X.509 credentials (o3Qwq2xqQz1pQ3R1Z1wYH9MYx3q2Yw2aC0EXAMPLE+CERIFICATEpQxG4b1g0O7r2kVq8pQIDAQAB
).
Node configuration
1
2
3
{
"fetchTo": "METADATA"
}
Outgoing message
The message is sent via the Success
connection with an updated metadata.
Metadata:
1
2
3
4
5
6
{
"deviceName": "SmartMeter-001",
"deviceType": "SmartMeter",
"credentialsType": "X509_CERTIFICATE",
"credentials": "o3Qwq2xqQz1pQ3R1Z1wYH9MYx3q2Yw2aC0EXAMPLE+CERIFICATEpQxG4b1g0O7r2kVq8pQIDAQAB"
}
Explanation: The node fetched the X.509 credentials for the device and added them to the message metadata. The credentials
field is a string containing X.509 certificate
without header/footer.
Example 4 — Adding device access token to data
Incoming message
Data:
1
2
3
4
{
"temperature": 33,
"humidity": 56.2
}
Originator: The originator is a device with Access Token credentials (sm001_token_123
).
Node configuration
1
2
3
{
"fetchTo": "DATA"
}
Outgoing message
The message is sent via the Success
connection with updated data.
Data:
1
2
3
4
5
6
{
"temperature": 33,
"humidity": 56.2,
"credentialsType": "ACCESS_TOKEN",
"credentials": "sm001_token_123"
}
Explanation: The node fetched originator’s credentials, and added the credentialsType
and credentials
to the message data. The credentials
is a string containing
device access token.
Example 5 — Adding MQTT credentials to data
Incoming message
Data:
1
2
3
4
{
"temperature": 33,
"humidity": 56.2
}
Originator: The originator is a device with MQTT Basic credentials ("{"clientId":"clientId123","userName":"username","password":"password"}"
).
Node configuration
1
2
3
{
"fetchTo": "DATA"
}
Outgoing message
The message is sent via the Success
connection with an updated data.
Data:
1
2
3
4
5
6
7
8
9
10
{
"deviceName": "SmartMeter-001",
"deviceType": "SmartMeter",
"credentialsType": "MQTT_BASIC",
"credentials": {
"clientId": "clientId123",
"userName": "username",
"password": "password"
}
}
Explanation: The node fetched the MQTT basic credentials for the device and added them to the message data. The credentials
field is a JSON object containing the credentials.
Example 6 — Adding X.509 credentials to metadata
Incoming message
Data:
1
2
3
4
{
"temperature": 33,
"humidity": 56.2
}
Originator: The originator is a device with X.509 credentials (o3Qwq2xqQz1pQ3R1Z1wYH9MYx3q2Yw2aC0EXAMPLE+CERIFICATEpQxG4b1g0O7r2kVq8pQIDAQAB
).
Node configuration
1
2
3
{
"fetchTo": "DATA"
}
Outgoing message
The message is sent via the Success
connection with an updated data.
Data:
1
2
3
4
5
6
{
"temperature": 33,
"humidity": 56.2
"credentialsType": "X509_CERTIFICATE",
"credentials": "o3Qwq2xqQz1pQ3R1Z1wYH9MYx3q2Yw2aC0EXAMPLE+CERIFICATEpQxG4b1g0O7r2kVq8pQIDAQAB"
}
Explanation: The node fetched the X.509 credentials for the device and added them to the message data. The credentials
field is a string containing X.509 certificate
without header/footer.