Device Authentication for extra data

Hi all,

We’re using balenaCloud for our next application. These devices can authenticate with balenaCloud to send data and receive updates etcetera, but our devices also have extra data that isn’t used in balenaCloud of course. So we would like to link the balenaCloud devices to our own server where the data can be stored. But than the balenaCloud device has 2 different authentication setups.

I would like to gather some information and tips from the community and the balena team on how to setup this ‘link’ between balenaCloud devices and our server. For example, is it possible to use the same authentication credentials for balenaCloud as for our server? Or do we have to make a “setup”-protocol for the device that registers with our server and the only link is the UUID? And if so, are there recommendations to do this automated, just like the flashing of balenaCloud?

I’d love to hear some thoughts about it, because we’d like to make this progress as automated as possible!

Thanks in advance!

@vedicium not sure this fully answers your questions, but I would start by looking at the 3rd party integrations here most of those setup cloud identities that are linked to balena specific IDs so some of them might be a good source of inspiration.

Hi @shaunmulligan,

Thanks for the response. I’ve looked at that integrations and I’ve found some inspiration. So I have created a provisioning API for our projects and I’m currently testing it!

The only obstacle I’m currently running into is when to provision a device and the feedback if it succeeded or if an error occurred, and if so, which error. Is it possible to add this process to the flashing of a device, just like the Balena image does, or is there something made for these kind of functions? I’d like to provision the device before it’s shipped to a client, but I don’t want to wait for every device until all containers are downloaded and then wait for the provisioning, because this could take some time.

Thanks in advance!

Hi @vedicium, glad those integrations provided some inspiration. For the manufacturing and bring up of devices I would recommend you look at this blog post:

The blog post is a bit out of date, but for injecting your docker container images onto the image before flashing you want to use the balena preload command here:

For pre-registring a device in the cloud you can look at Step 2: Pre-provision a device there, it allows you to create a cloud identity with uuid before.

I think those should get you most of the way. Let me know if you have further questions.