Skip to main content

Provisioning Devices on nRF Cloud

"Provisioning", or more precisely "cloud-provisioning" (to distinguish from the concept of provisioning assets onto a device), means to connect a device directly to nRF Cloud and register its device certificate. This will allow the device to use our MQTT APIs via the platform's IoT broker. As such, provisioning only applies to IP devices.

nRF Cloud supports two types of cloud provisioning: "Just in Time" (JITP) and Pre-Connect.

Pre-Connect Provisioning (Non-JITP)#

The recommended way to provision devices on nRF Cloud is to use the ProvisionDevices endpoint. This will provision your devices in bulk and add them to your account, even before they connect for the first time.

Device certificates are created using your own CA certificate. See the Devices Getting Started guide for more information on creating and flashing device certificates.

Just-in-Time Provisioning (JITP)#

JITP means that a device is provisioned when it first tries to connect to the IoT broker and present its device certificate. In other words, "just in time". Prior to that first communication, the device is not known to the broker, is not stored in the fleet registry, etc.

The JITP process requires that device certificates be created using a Nordic Semiconductor CA certificate that we manage in the cloud. You can obtain a JITP device certificate using the CreateDeviceCertificate endpoint.

JITP is how nRF9160 DK and Thingy:91 devices are cloud-provisioned, that is, if you use the certificate that is flashed to the device as shipped. You always have the option to flash new device certificates. See the Devices Getting Started guide for more information.

The disadvantage of JITP is that can be resource intensive and time consuming, taking up to thirty seconds after it makes its first connection. You also have to explicitly add a JITP device to your account after provisioning, proving ownership (the right to "claim") with a hardware ID or PIN. For Nordic products this is provided on the product label. For custom devices when using a JITP certificate, you provide an "ownership code" of your choosing.