The plgd device provisioning service REST API is defined by swagger.

| Property | Type | Description | Default |
| --- | --- | --- | --- |
| `apis.http.enabled` | bool | Enable HTTP API. | `false` |
| `apis.http.address` | string | Listen specification `<host>:<port>` for http client connection. | `"0.0.0.0:9100"` |
| `apis.http.tls.caPool` | string | File path to the root certificate in PEM format which might contain multiple certificates in a single file. | `""` |
| `apis.http.tls.keyFile` | string | File path to private key in PEM format. | `""` |
| `apis.http.tls.certFile` | string | File path to certificate in PEM format. | `""` |
| `apis.http.tls.clientCertificateRequired` | bool | If true, require client certificate. | `true` |
| `apis.http.authorization.authority` | string | Authority is the address of the token-issuing authentication server. Services will use this URI to find and retrieve the public key that can be used to validate the token’s signature. | `""` |
| `apis.http.authorization.audience` | string | Identifier of the API configured in your OAuth provider. | `""` |
| `apis.http.authorization.http.maxIdleConns` | int | It controls the maximum number of idle (keep-alive) connections across all hosts. Zero means no limit. | `16` |
| `apis.http.authorization.http.maxConnsPerHost` | int | It optionally limits the total number of connections per host, including connections in the dialing, active, and idle states. On limit violation, dials will block. Zero means no limit. | `32` |
| `apis.http.authorization.http.maxIdleConnsPerHost` | int | If non-zero, controls the maximum idle (keep-alive) connections to keep per-host. If zero, DefaultMaxIdleConnsPerHost is used. | `16` |
| `apis.http.authorization.http.idleConnTimeout` | string | The maximum amount of time an idle (keep-alive) connection will remain idle before closing itself. Zero means no limit. | `30s` |
| `apis.http.authorization.http.timeout` | string | A time limit for requests made by this Client. A Timeout of zero means no timeout. | `10s` |
| `apis.http.authorization.http.tls.caPool` | string | File path to the root certificate in PEM format which might contain multiple certificates in a single file. | `""` |
| `apis.http.authorization.http.tls.keyFile` | string | File path to private key in PEM format. | `""` |
| `apis.http.authorization.http.tls.certFile` | string | File path to certificate in PEM format. | `""` |
| `apis.http.authorization.http.tls.useSystemCAPool` | bool | If true, use system certification pool. | `false` |
| `apis.http.readTimeout` | string | The maximum duration for reading the entire request, including the body by the server. A zero or negative value means there will be no timeout. | `8s` |
| `apis.http.readHeaderTimeout` | string | The amount of time allowed to read request headers by the server. If readHeaderTimeout is zero, the value of readTimeout is used. If both are zero, there is no timeout. | `4s` |
| `apis.http.writeTimeout` | string | The maximum duration before the server times out writing of the response. A zero or negative value means there will be no timeout. | `16s` |
| `apis.http.idleTimeout` | string | The maximum amount of time the server waits for the next request when keep-alives are enabled. If idleTimeout is zero, the value of readTimeout is used. If both are zero, there is no timeout. | |

After having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed.
If true, client sends keepalive pings even with no active RPCs. If false, when there are no active RPCs, Time and Timeout will be ignored and no keepalive pings will be sent.
true
clients.openTelemetryCollector.grpc.tls.caPool
string
File path to the root certificate in PEM format which might contain multiple certificates in a single file.
The plgd device provisioning service uses a MongoDB database.

| Property | Type | Description | Default |
| --- | --- | --- | --- |
| `clients.storage.cacheExpiration` | string | Expiration time of cached records from the database. | `"10m"` |
| `clients.storage.mongoDB.uri` | string | URI of the MongoDB database. | `"mongodb://localhost:27017"` |
| `clients.storage.mongoDB.database` | string | Name of the database. | `"deviceProvisioning"` |
| `clients.storage.mongoDB.maxPoolSize` | int | Limits the number of connections. | `16` |
| `clients.storage.mongoDB.maxConnIdleTime` | string | Close the connection when its idle time reaches this value. | `4m0s` |
| `clients.storage.mongoDB.tls.caPool` | string | File path to the root certificate in PEM format which might contain multiple certificates in a single file. | `""` |
| `clients.storage.mongoDB.tls.keyFile` | string | File path to private key in PEM format. | `""` |
| `clients.storage.mongoDB.tls.certFile` | string | File path to certificate in PEM format. | `""` |
| `clients.storage.mongoDB.tls.useSystemCAPool` | bool | If true, use system certification pool. | `false` |
| `clients.storage.mongoDB.bulkWrite.timeout` | string | A time limit for a bulk write to MongoDB. A Timeout of zero means no timeout. | `1m0s` |
| `clients.storage.mongoDB.bulkWrite.throttleTime` | string | The amount of time to wait until a record is written to MongoDB. Any records collected during the throttle time will also be written. A throttle time of zero writes immediately. If recordLimit is reached, all records are written immediately. | `500ms` |
| `clients.storage.mongoDB.bulkWrite.documentLimit` | uint16 | The maximum number of documents to cache before an immediate write. | |

Defines the configuration of the plgd hub to which the device connects after it’s successfully provisioned.

| Property | Type | Description | Default |
| --- | --- | --- | --- |
| `enrollmentGroups.[].hub.caPool` | string | File path to the root certificate in PEM format. Multiple certificates in a single file are supported. | `""` |
| `enrollmentGroups.[].hub.hubID` | string | Unique ID of the plgd hub instance. | `""` |
| `enrollmentGroups.[].hub.coapGateway` | string | plgd hub CoAP gateway endpoint where the devices should connect to after successful provisioning. Format `<IP:PORT>`. | `""` |
| `enrollmentGroups.[].hub.gateways` | []string | Multiple plgd hub gateway endpoints where the devices should connect to after successful provisioning. If `coapGateway` is also set, it is prepended to `gateways`. Format `<SCHEME>://<IP:PORT>`, for example `coaps+tcp://plgd.cloud:1234`. | |

After having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed.
If true, client sends keepalive pings even with no active RPCs. If false, when there are no active RPCs, Time and Timeout will be ignored and no keepalive pings will be sent.
The OAuth2.0 client is used to obtain a JWT with ownerClaim and deviceIDClaim via the client credentials flow. The JWT is used directly during the SignUp operation.

| Property | Type | Description | Default |
| --- | --- | --- | --- |
| `enrollmentGroups.[].hub.authorization.ownerClaim` | string | Claim used to identify owner of the device. If configured, your OAuth2.0 server has to set the owner id to the token as configured. OwnerClaim with sub is not supported. Custom owner claim needs to be configured also on the plgd hub instance. If used with the plgd mock OAuth Server, value `https://plgd.dev/owner` has to be set. **Required.** | |

Claim used to make JWT tokens device specific. If configured, your OAuth2.0 server has to set the device id to the token as configured. If used with the plgd mock OAuth Server, value https://plgd.dev/deviceId has to be set.
Provider name which is also registered on the instance of the plgd hub where the device connects after it's successfully provisioned. The grant type for this provider must be set to ClientCredentials.
Limit the total number of connections per host, including connections in the dialing, active, and idle states. On limit violation, dials will be blocked. Zero means no limit.
You might have one client, but multiple APIs registered in the OAuth2.0 Server. What you might want to prevent is to be able to contact all the APIs of your system with one token. This audience allows you to request the token for a specific API. If you configure it to myplgdc2c.api in the Auth0, you have to set it here if you want to also validate it.
Size of the queue. If it is exhausted, submit returns an error.
2097152
taskQueue.maxIdleTime
string
Sets up the interval time of cleaning up goroutines. Zero means never cleanup.
10m
Note
Note that string values representing time (i.e. timeout, idleConnTimeout, expirationTime) are written as decimal numbers, each with an optional fraction and a unit suffix, such as “300ms”, “1.5h” or “2h45m”. Valid time units are “ns”, “us”, “ms”, “s”, “m”, “h”.
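
The fallback rules in the `apis.http` timeout rows interact, so one zeroed value can leave several phases of a connection without any bound. The following check is an added example, not code from plgd: it resolves the effective server timeouts from the documented rules and reports which ones end up unlimited. The function name `effectiveTimeouts`, the flattened key/value map, and treating an unset key as zero are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"time"
)

// effectiveTimeouts (hypothetical helper) applies the documented rules:
// readHeaderTimeout and idleTimeout fall back to readTimeout when zero,
// and a zero or negative result means the server applies no timeout.
func effectiveTimeouts(cfg map[string]string) (map[string]time.Duration, []string, error) {
	keys := []string{"readTimeout", "readHeaderTimeout", "writeTimeout", "idleTimeout"}
	out := make(map[string]time.Duration, len(keys))
	for _, k := range keys {
		v := cfg["apis.http."+k]
		if v == "" {
			continue // assumption: an unset key is treated as zero
		}
		d, err := time.ParseDuration(v) // accepts "300ms", "1.5h", "2h45m"
		if err != nil {
			return nil, nil, fmt.Errorf("apis.http.%s: %w", k, err)
		}
		out[k] = d
	}
	for _, k := range []string{"readHeaderTimeout", "idleTimeout"} {
		if out[k] == 0 {
			out[k] = out["readTimeout"]
		}
	}
	var unbounded []string
	for _, k := range keys {
		if out[k] <= 0 {
			unbounded = append(unbounded, "apis.http."+k)
		}
	}
	return out, unbounded, nil
}

func main() {
	// Constructed sample: readTimeout disabled, header and idle timeouts unset.
	cfg := map[string]string{
		"apis.http.readTimeout":  "0s",
		"apis.http.writeTimeout": "16s",
	}
	eff, unbounded, err := effectiveTimeouts(cfg)
	fmt.Println(eff, unbounded, err)
}
```

With the constructed sample, disabling `readTimeout` alone leaves the request read, header read and keep-alive idle phases all unbounded, which is the condition to alert on when reviewing a deployment's configuration.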