Overview of the nRF Cloud APIs
This section introduces the nRF Cloud REST and MQTT APIs.
The following diagram shows the general relationships between the APIs, services, devices, and other components:
nRF Cloud API overview
nRF Cloud REST API
The nRF Cloud REST API is organized into the following categories:
- General endpoints related to account management, certificates, and tokens and keys.
- Device management endpoints for IP, gateway, and Bluetooth® Low Energy (LE) devices:
- Device data.
- Bluetooth-specific operations.
- Viewing device messages, including MQTT.
- Endpoints related to updating firmware:
- Creating, uploading, and managing bundles.
- Initiating and managing update jobs.
- Monitoring firmware update executions.
- Location Services endpoints:
- Downloading GPS assistance data
- Querying cell, ground fix and Wi-Fi location.
- Viewing location history.
- Endpoints to monitor bulk operation requests, such as bulk provisioning.
- Endpoints related to managing and reporting IMEIs.
Authentication for REST depends on the operation and which components are communicating:
- User-to-device or user-to-nRF Cloud operations require an API key. These are mostly related to provisioning, fetching device data, and viewing account or usage information.
- Device-to-cloud (D2C) endpoints are authenticated using JSON Web Tokens (JWTs). Since these operations originate from devices, nRF Cloud requires a high level of security.
- Cloud-to-cloud (C2C) use cases, such as some integrations of Location Services through a proxy server, are authenticated with JWTs.
C2C use of nRF Cloud requires a Pro or Enterprise plan.
See REST API authentication for more detail, and generating tokens and keys for a guide.
nRF Cloud MQTT API
Using the nRF Cloud MQTT API depends on which topics a device is allowed to use based on its IoT security policy. The MQTT API supports D2C use cases and some user-to-cloud operations, such as publishing messages directly on MQTT topics to which your devices are subscribed.
You can implement this in more than one way, as in the following examples:
- Use an MQTT client, such as a NodeJS app using an nRF Cloud account device to monitor and interact with all of that user's devices.
- Use secure MQTT communication over WebSockets with the nRF Cloud portal or phone gateway application.
See the MQTT API overview for more on authenticating MQTT operations, as well as documentation of all available nRF Cloud MQTT topics.