This section introduces the nRF Cloud REST and MQTT APIs.
The following diagram shows the general relationships between the APIs, services, devices, and other components:
nRF Cloud API overview
nRF Cloud REST API
The nRF Cloud REST API is organized into the following categories:
- General endpoints related to account management, certificates, and tokens and keys.
- Device management endpoints for IP, gateway, and Bluetooth® Low Energy (LE) devices:
- Endpoints related to updating firmware:
- Location Services endpoints:
- Endpoints to monitor bulk operation requests, such as bulk provisioning.
Authentication for REST depends on the operation and which components are communicating:
- User-to-device or user-to-nRF Cloud operations require an API key. These are mostly related to provisioning, fetching device data, and viewing account or usage information.
- Device-to-cloud (D2C) endpoints are authenticated using JSON Web Tokens (JWTs). Since these operations originate from devices, nRF Cloud requires a high level of security.
- Cloud-to-cloud (C2C) use cases, such as some integrations of Location Services through a proxy server, are authenticated with JWTs. C2C use of nRF Cloud requires a Pro or Enterprise plan.
nRF Cloud MQTT API
Using the nRF Cloud MQTT API depends on which topics a device is allowed to use based on its IoT security policy. The MQTT API supports D2C use cases and some user-to-cloud operations, such as publishing messages directly on MQTT topics to which your devices are subscribed.
You can implement this in more than one way, as in the following examples:
- Use an MQTT client, such as a NodeJS app using an nRF Cloud account device to monitor and interact with all of that user's devices.
- Use secure MQTT communication over WebSockets with the nRF Cloud portal or phone gateway application.