Nabto WebRTC Signaling Configuration

This guide explains how to configure the identifiers and keys required for devices to connect to the Nabto WebRTC Signaling Service.

Each device must be assigned a Product ID and Device ID, and must be provisioned with a private/public key pair. The public key must be registered with the service to enable secure signaling. For more information on device authentication, see the security guide.

Products and devices can be managed interactively in the Nabto Cloud Console or programmatically via the Nabto Cloud API.

Signaling Configuration

Nabto WebRTC Products

Each Nabto WebRTC product includes:

  • A Product ID, a globally unique identifier on the form wp-<8 chars>, eg. wp-39wu7tex. Product IDs are automatically generated by the system.
  • A configured region, selected by the vendor when the product is created in the Nabto Cloud Console. Signaling traffic for all devices in the product is routed through this region.

Nabto WebRTC Device ID

Each device is assigned a Device ID, which is unique within its product. It is a string on the form wd-<16 chars>, for example wd-3xtqp3hy4xxy3av3.

Together with the Product ID and key material, this ID is used to authenticate the device and establish a secure signaling connection. Clients use the device ID when requesting a signaling connection to the given device through the Nabto WebRTC Signaling service.

Per Device Cryptographic Keys

Devices authenticate towards the Nabto WebRTC Signaling service using public-key cryptography. Each device must be provisioned with a private/public key pair. The private key remains securely on the device, and the public key is registered with the Nabto WebRTC Signaling Service for each device, either through the Nabto Cloud Console or programmatically.

See the Camera Authentication guide for technical details on key formats and usage.

Authorization Keys (optional)

If using central authorization of users, a public key must be registered through the console to verify the JWT signature from the vendor’s authorization service. Such public key is registered per product under the “Authorization Keys” tab in the console.

The device vendor is responsible for provisioning each device with a Device ID, a Product ID and a key pair. The vendor must also register the public key with the signaling service.

Development and Production Workflows

During development, the Nabto Cloud Console can be used to:

  • Create new products and devices
  • Retrieve product and device IDs
  • Upload public keys
  • Generate test private keys (for temporary use only)

In production, device provisioning is typically automated:

  • Bulk generation of device IDs and key pairs
  • Batch upload of public keys
  • Integration with existing manufacturing or fleet management systems via the Nabto Cloud API