nRF Cloud Device Provisioning¶
Overview¶
The nRF Cloud Device Provisioning sample demonstrates how to use the nRF Cloud device provisioning service on the nRF9151 Connect Kit.
The sample shows how the device performs the following actions:
- Connects to nRF Cloud Provisioning Service.
- Fetches available device-specific provisioning configuration.
- Decodes the commands.
- Acts on any AT commands, if available.
- Reports the results back to the server. In the case of an error, stops processing the commands at the first error and reports it back to server.
- Sends
FINISHED
response if all the previous commands are executed without errors provided andFINISHED
is one of the set provisioning commands.
Requirements¶
Before you start, check that you have the required hardware and software:
- 1x nRF9151 Connect Kit
- 1x nano-SIM card with LTE-M or NB-IoT support
- 1x U.FL cabled LTE-M/NB-IoT/NR+ Flexible Antenna (included in the box)
- 1x USB-C Cable
- A computer running macOS, Ubuntu, or Windows 10 or newer
Don't have an nRF Cloud account?¶
To connect your device and use nRF Cloud services, you must create an nRF Cloud account:
- Go to the nRF Cloud portal and click Register.
- Enter your email address and choose a password.
- Click Create Account.
-
Check for a verification email from nRF Cloud.
Tip
If you do not see the verification email, check your junk mail folder for an email from
no-reply@verificationemail.com
. -
Copy the six-digit verification code and paste it into the registration dialog box.
Tip
If you accidentally closed the registration dialog box, repeat Step 1 and click Already have a code?. Enter your email address and verification code.
You can now log in to the nRF Cloud portal with your email and password. After logging in, you can see the Dashboard view that displays your device count and service usage.
Set up your board¶
- Insert the nano-SIM card into the nano-SIM card slot.
- Attach the U.FL cabled LTE-M/NB-IoT/NR+ Flexible Antenna.
- Connect the nRF9151 Connect Kit to the computer with a USB-C cable.
Building the sample¶
To build the sample, follow the instructions in Getting Started Guide to set up your preferred building environment.
Use the following steps to build the nRF Cloud Device Provisioning sample on the command line.
-
Open a terminal window.
-
Go to
NCS-Project/nrf9151-connectkit
repository cloned in the Getting Started Guide. -
Build the sample using the
west build
command, specifying the board (following the-b
option) asnrf9151_connectkit/nrf9151/ns
.The
-p
always option forces a pristine build, and is recommended for new users. Users may also use the-p auto
option, which will use heuristics to determine if a pristine build is required, such as when building another sample.Note
This sample has Cortex-M Security Extensions (CMSE) enabled and separates the firmware between Non-Secure Processing Environment (NSPE) and Secure Processing Environment (SPE). Because of this, it automatically includes the Trusted Firmware-M (TF-M).
-
After building the sample successfully, the firmware with the name
merged.hex
can be found in thebuild
directory.
Flashing the firmware¶
Set up your board before flashing the firmware. You can flash the sample using west flash
:
Tip
In case you wonder, the west flash
will execute the following command:
Testing¶
After programming the sample, test it by performing the following steps:
-
Open up a serial terminal, specifying the correct serial port that your computer uses to communicate with the nRF9151 SiP:
- Start PuTTY.
-
Configure the correct serial port and click Open:
-
Press the DFU/RST button to reset the nRF9151 SiP.
-
Wait for the LTE link to be established. You should see the output, similar to what is shown in the following:
-
Type
nrf_provisioning token
command and press the Enter key Enter to get the device’s attestation token. -
Log in to the nRF Cloud portal. Claim the board by performing the following steps:
- Select Security Services -> Claimed Devices.
- Click the Claim Device button. A pop-up opens.
- Leave the default type Single selected.
- Paste the attestation token into the Claim Token field.
- Select Create new rule for onboarding to nRF Cloud so it is toggled on. This enables auto-onboarding and creates a rule that you can use later to onboard additional devices. Creating a rule also adds an associated provisioning group.
- Change the name of the rule, if desired.
- The default security tag for the nRF Cloud samples is
16842753
. Leave this default value as is for initial onboarding. - Leave the default Root CA Certificates option All selected. This allows the device to use both CoAP and MQTT/REST to connect to nRF Cloud.
- The Device Management Groups, Supported Firmware Types, and Device Subtype fields are optional. You can leave them blank.
- Click the Create Rule and Claim Device button.
The device is now claimed and ready to use the nRF Cloud Provisioning Service. It appears in the Claimed Devices list in a provisioning group for the newly created rule.
-
To enforce the connection to the provisioning service, press the DFU/RST button to reset the nRF9151 SiP.
-
Verify in the terminal that the device checks for provisioning commands and runs them. You should see the output, similar to what is shown in the following:
-
After the device finishes processing provisioning commands, the device status is now shown as
PROVISIONED
.