Components in an Edge Solution

A solution based on the Nabto Edge platform consists of the following when deployed at an end-user:

  • An embedded device application
  • A client application
  • Configuration data retrieved from the Nabto Cloud Console:
    • A product id (shared among any logical grouping of devices as desired by the vendor), provided by Nabto.
    • A device id (unique within a given product id), provided by Nabto.
    • A server URL, provided by Nabto.
    • An API key, provided by Nabto.
  • A keypair installed on the embedded device.
  • A license to use a device (intangible, just a commercial transaction - see next bullet)
  • Public key fingerprint of the device’s keypair registered with the Nabto Basestation servers - this constitutes use of a purchased license.

In addition to this, some essential data is generated and configured at runtime, most notably the client’s keypair and the device’s access control list.

Embedded Device Application

Nabto Edge embedded device applications are developed using the Nabto Edge Embedded SDK. Source code is available in github for simple integration and transparency.

Through the Nabto Cloud Console, a product is created, associated with the developer’s organization. Each product has a product id that is entered in the embedded application.

Within this product, devices can be created using the console or through the Nabto Cloud API. Each device’s device id is entered in the embedded application.

A Nabto Edge Basestation server URL is also provided by the console that must be passed to the embedded SDK by the developer.

The device needs a keypair to be able to communicate with basestation and clients. Typically this keypair is generated and installed at the factory. The keypair’s public key’s fingerprint is registered with the Nabto Edge Basestation through console or API - such registration constitutes a license use.

The solution is configured by Nabto to allow a number of such device public key fingerprint registrations, according to commercial agreements (a number of devices can be registered free of charge for development and test).

If Server Connect Token based access control is used, tokens must be generated on the device and somehow shared with the client. Sharing can be done during pairing.

Client Application

Nabto Edge client applications are typically developed using one of the Nabto Edge Client SDK high level wrappers, such as for Android.

The low level Nabto Edge Client SDK can be used for more advanced usage.

For less tight integration or e.g. for quick prototyping or as drivers during development, ready made client applications are provided. Source code is available that can be used as a starting point for further development and tight integration with an existing app.

The application developer provides a solution specific API key to the client application as well as a Nabto Edge Basestation server URL as part of the application code, both obtained from the Nabto Cloud Console.

The individual device’s product id and device id are needed by the client to connect to a device - these can be provided to the client e.g. through mDNS discovery using an OS specific client or Nabto’s default implementation. Or e.g. by scanning a QR code - the information just needs to somehow be passed to the client.

Once device ids are obtained, the client typically maintains a bookmarks-like inventory of known devices.

Prior to connecting to a device, the application developer must create a client keypair. The public key of the fingerprint must be passed to the device’s access control list, this is the subject of pairing.