Azure IoT Hub
!!! failure "This feature is not included in precompiled binaries, To use it you must compile your build.
Add the following to user_config_override.h
:
#ifndef USE_MQTT_TLS
#define USE_MQTT_TLS
#endif
#define USE_MQTT_AZURE_IOT
As of Tasmota version 9.2.4, Tasmota now supports TLS 1.2 connections to Azure IoT Hub using time bound token authentication based on a unique key. Tasmota can be used with or without Azure Device Provisioning Service which is used for simplified deployment at scale.
Benefits~
Azure IoT Hub supports bi-directional communication between the could and both IoT Devices and/or Intelligent Edge devices base on Azure IoT Edge. Azure IoT Hub supports REST, AMQP and the MQTT 3.1.1 protocol as discussed here. IoT Hub supports Trusted Platform Module (when used with Device Provisioning Service), x509 Certificates and Preshared Keys authentication discussed here.
Authentication~
This version of Tasmota leverages the Preshared Key authentication, which will create a time bound (one hour by default) SHA256 signature based on a unique key. Only this signed text is sent across the network over a TLS 1.2 channel ensuring mutual authentication. Because of this time bound nature, Tasmota must (by default) be configured to synchronize time with public Network Time Protocol Servers. Developer level information provided here discussed here.
Cost~
Azure IoT Hub provides a free tier that allows for up to 8,000 message a day.
IoT Central~
In addition to Azure IoT Hub which is a Platform as a Service (PaaS), Tasmota also works with IoT Central which is a more complete Software as a Service (SaaS).
How to configure (without Device Provisioning Service)~
0. Open an Azure Subscription~
If you don't already have an Azure Subscription (one is included with most MSDN subscriptions), you can get started here: https://azure.microsoft.com/account/free
1. Create an Azure IoT Hub and a Device~
The following steps will walk you through creating an IoT Hub and your first device using a web browser: https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-create-through-portal
You will need 3 pieces of information from this step:
Information | Your Setting | Example Value |
---|---|---|
IoT Hub Full Name | myiothub.azure-devices.net | |
Device Id | myfirstTasmotaDevice | |
Primary Key | i2B6TVRnpWGS5i5aZaRddaGTc+tIte1gg4PUkh0t+30= |
2. Compile your binary including support for Azure IoT~
Following the directions here: https://tasmota.github.io/docs/Compile-your-build/ compile your binary adding the following settings to your my_user_config.h.
#ifndef USE_MQTT_TLS
#define USE_MQTT_TLS
#endif
#define USE_MQTT_AZURE_IOT
3. Flash your device and configure for WiFi~
Flash your device as discussed here and then configure the WiFi as discussed here.
4. Configure your device for you Azure IoT Hub~
In the web portal, click the configuration button and then the configure MQTT button.
Following the diagram below, set the: Host (IoT Hub Full Name), Port of 8883, select MQTT TLS, type in the Client and User (your Device Id) and the Password (your Primary Key) and click Save
. Your device will reboot and connect.
5. Verify the connection~
In the Console of Tasmota, you will see it was authenticated with a token, connected and it will start sending state:
Using a tool like the Azure IoT Explorer, you can see message received in IoT Hub. Note the topic property.
6. Send a message to your Tasmota~
Using a tool like the Azure IoT Explorer, select Cloud-to-device message set a property of Topic
to /power
, add toggle
to the message body and click Send message to device
button. All of the Tasmota Commands are discussed here https://tasmota.github.io/docs/Commands/.
How to configure (with Device Provisioning Service)~
Azure Device Provisioning Services (DPS) allows for automatic deployment at scale. Simular to Tasmota authenticating to IoT Hub without DPS, authenticating to DPS uses a time bound SHA256 signature to authenticate over TLS 1.2.
For this setup, we configure the following settings when building our binary. For full automation, you will want to add STA_SSID1
and STA_PASS1
to your user_config_override.h
.
Add the following to user_config_override.h
:
#ifndef USE_MQTT_TLS
#define USE_MQTT_TLS
#endif
#define USE_MQTT_AZURE_IOT
#define USE_MQTT_AZURE_DPS_SCOPEID "YOURSCOPEIDHERE"
#define USE_MQTT_AZURE_DPS_PRESHAREDKEY "YOURPRESHAREDKEYHERE=="
0. Open an Azure Subscription~
If you don't already have an Azure Subscription (one is included with most MSDN subscriptions), you can get started here: https://azure.microsoft.com/account/free
1. Create a Device Provisioning Service, IoT Hub and link them together~
Following: https://docs.microsoft.com/en-us/azure/iot-dps/tutorial-set-up-cloud to create your DPS and IoT Hub. Note your Scope Id for later use as shown below:
2. Create a Group Enrollment with a Symmetrical Key~
In your Device Provisiniong Service, click Manage enrollments
and then click Add enrollment group
.
As shown below, name your group, select Symmetric Key, select your linked IoT Hub and then click Save
.
Once created you can select the enrollment group to retrieve the Primary Key, as shown below:
3. Compile your binary including support for Azure IoT Device Provisioning Service~
Following the directions here: https://tasmota.github.io/docs/Compile-your-build/ compile your binary adding the following settings to your my_user_config.h adding your Scope Id and your Primary Key.
!!! tip Don't forget your WiFi settings for complete automation.
#ifndef USE_MQTT_TLS
#define USE_MQTT_TLS
#endif
#define USE_MQTT_AZURE_IOT
#define USE_MQTT_AZURE_DPS_SCOPEID "0ne00223A39"
#define USE_MQTT_AZURE_DPS_PRESHAREDKEY "mVVdX8MPUFUoYaG7Wq6HyMcsz0kZNfwVwiafChvFDxrs0s8pa5gVV6myMbqOBCqGraVFZFupD3RiIgx0B4ZACA=="
4. Flash your device and configure for WiFi~
!!! tip If you configured the WiFi in the config file, no WiFi configuration needed.
Flash your device as discussed here and then configure the WiFi as discussed here.
5. Verify your automatic (DPS) configuration~
In the Console of Tasmota, you will see it was registered with Device Provisioning Service (which created the IoT Hub device) and authenticated with a token, connected and it will start sending state:
If you look at the Information, you will see it automatically defined: Host, Port, TLS and MQTT Client (device Id) -- which defaulted to the MAC address which is unique:
Using a tool like the Azure IoT Explorer, you can see message received in IoT Hub. Note the topic property.
6. Send a message to your Tasmota~
Using a tool like the Azure IoT Explorer, select Cloud-to-device message set a property of Topic to /power
, add toggle
to the message body and click the Send message to device
button.