Here’s a high-level outline of an approach we’ve successfully helped implement for a customer that is doing self-registration for Edge Agents.
- Run the Edge Agent container and mount in an empty config.toml file. This will cause the Edge Agent to continually shut down and restart, waiting for a valid configuration file.
- A separate process, in this case running on the host OS, is performing the registration round-trip to Losant. That process then writes a valid config.toml file once it obtains the device ID, access key, and secret.
- When the Edge Agent restarts (which is every few seconds), it will pick up the valid config and connect to Losant.
For this particular customer, they’re using a signed JWT to validate the device. The registration process POSTs this JWT as part of the round-trip. Since the signature is secret, we can assume it’s a valid device if the JWT properly verifies. We have JWT: Decode and JWT: Verify nodes that can help with this.
What’s nice about JWT is that additional information can be added, which can instruct the application workflow to do different things. For example, you could put a device type in there, which causes the workflow to create a Losant device from a specific recipe.
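The verify-then-branch step described above, as an added example that is not part of the original post and not Losant's own code. It assumes an HS256 token signed with a shared key; the claim names (`sub`, `deviceType`, `exp`), the recipe names, and the key are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"constructed-demo-key"            # constructed; never hard-code a real key
RECIPES = {"gateway-v1": "recipe-gateway",       # hypothetical device type -> recipe map
           "sensor-hub": "recipe-sensor-hub"}

def _b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, key, alg="HS256"):
    """Device side of the round-trip: build a signed token (demo helper)."""
    head = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64url_encode(sig)}"

def verify_registration(token, key, now=None):
    """Return {'serial', 'recipe'} for a valid token; raise ValueError otherwise."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(head_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError as exc:                    # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    # Pin the algorithm: never let the token's own header choose how it is checked.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):   # constant-time comparison
        raise ValueError("bad signature")
    # Claims are only read after the signature has verified.
    claims = json.loads(_b64url_decode(body_b64))
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")
    recipe = RECIPES.get(claims.get("deviceType"))
    if recipe is None or not claims.get("sub"):
        raise ValueError("unknown device type or missing serial")
    return {"serial": claims["sub"], "recipe": recipe}

if __name__ == "__main__":
    demo = make_token({"sub": "SN-0001", "deviceType": "gateway-v1",
                       "exp": time.time() + 300}, SIGNING_KEY)
    print(verify_registration(demo, SIGNING_KEY))
```

A short `exp` limits how long a captured registration token stays useful, and rejecting unknown device types keeps the claim from selecting a recipe the workflow did not intend to expose.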