Provisioning configuration through the nRF Cloud portal

This guide explains how to manually define the provisioning configuration of your claimed devices through the nRF Cloud portal.

Prerequisites

To add a provisioning configuration to a device, you must first claim the device.

Viewing and changing device claim status

To view the status of a claimed device:

1. Log in to the nRF Cloud portal.

2. Select Security Services in the left sidebar.

   A panel opens to the right.

3. Select Claimed Devices.

4. Select a claimed device.

From this view, you can access the following operations:

• Block: A blocked device cannot be provisioned and does not run provisioning commands, but does not delete the device from the service or forfeit the device claim. The device remains onboarded, if onboarding has previously finished, and can still connect to other nRF Cloud services.
• Unclaim Device: This forfeits the device claim and delete it from the service.

Caution

If you unclaim your device, it is deleted from the service and can be claimed by another user or team.

Managing provisioning commands

note

Commands added by a provisioning rule to an offline device do not appear in the configuration until the device is online.

To access a device's provisioning configuration, do the following:

1. Select Security Services in the left sidebar.

   A panel opens to the right.

2. Select Claimed Devices.

3. Select a claimed device.

From this point, you can add commands, reset commands, or discard commands.

Adding

You can add up to 20 commands for a single device.

To add a new command:

1. Click Add command.

   A pop-up opens.

2. (Optional) Give a description of the command.

3. Choose the request type. See the API documentation for more information on command types and parameter formatting requirements:

   • Client private key generation: Specify security tag.
   • Certificate signing request: Specify security tag, attributes, and key usage.
   • Cloud access key: Specify security tag.
   • Client certificate: Specify security tag and content.
   • Server certificate: Specify security tag and content.
   • Client private key: Specify security tag, content, and password.
   • Pre-shared key (PSK): Specify security tag, identity, and secret.
   • Configuration: Pass a key-value pair, formatted as strings, to the device.
     • Click the + sign under the Value text box to add more key-value pairs.

4. Click Refresh to update the page.

The new command appears in the configuration. The command runs the next time the device attempts provisioning.

Resetting

You can reset successful or failed commands either individually or as a group:

• To reset all provisioning commands:

  1. Click the Reset button in the Provisioning Commands card.

     A pop-up opens.

  2. Click OK to confirm.

This sets all commands to pending. These commands will run again the next time the device attempts provisioning, or you can discard them instead.

• To reset an individual command:

  1. Click on any field in the command row.

     A pop-up opens.

  2. Click Reset.

The command is now reset. It will run again the next time the device attempts provisioning, or you can delete it instead.

Discarding and deleting

You can only discard pending commands. You can discard pending commands either individually or as a group.

To discard all pending commands:

1. Click Discard. This stops all pending commands.

   A pop-up opens asking for confirmation.

2. Confirm that you want to discard commands.

All pending commands are now discarded.

To delete an individual pending command:

1. Click on any field in the command row.

   A pop-up opens.

2. Click Delete.

The pending command is now deleted.

Recovering from errors

To handle failed commands, see Troubleshooting.