Bosch IoT Device Management

Configure permissions from Insights to Things

Feel free to skip this section in case you work on an new Bosch IoT Insights subscription.


This section explains steps to do in the Insights UI.


Configuring a custom Bosch IoT Things service instance

If you have a project with a large amount of devices, it is recommended to configure your own Bosch IoT Things service instance within Bosch IoT Insights.

Paid-plan users: After you have configured a custom Bosch IoT Things service instance, you cannot revert to the default Bosch Iot Things service instance.

Proceed as follows

  1. Activate the Custom Bosch IoT Things service instance checkbox to configure your Bosch IoT Things service instance within Bosch IoT Insights.

    images/confluence/download/attachments/1094173013/admin_project_BoschIoTThings_custom_instance_2021_12_10.png

  2. In the Things Service Instance pane, add the following information of your Bosch IoT Suite subscription.

    1. In the Bosch IoT Things Location drop-down list, select the location of your Bosch IoT Things service instance.

    2. If you selected AWS Frankfurt (EU-1) in the Bosch IoT Things Location drop-down list, the checkbox Enable Device Provisioning for creating and deleting devices is displayed.

      If you activate the Enable Device Provisioning for creating and deleting devices checkbox, the Device Provisioning API of the Device Management Package will be called when a device is created or deleted. That means that the data is sent to the Device Management Package endpoint.

      Changing the Bosch IoT Things Location may delete all your existing devices. Contact the Bosch IoT Insights' support team if you want to proceed with this change.

    3. In the Solution ID field, enter the Solution ID.

  3. In the OAuth2 Client pane, add the following information of your OAuth2 client.

    The OAuth2 Client needs the scope of the Bosch IoT Things service instance you just created to access the service instance.

    1. In the OAuth2 client name field, enter the client name of your OAuth2 Client.

    2. In the OAuth2 client ID field, enter the Client ID.

    3. In the OAuth2 client secret field, enter the client secret.

    4. In the OAuth2 client scope for Bosch IoT Suite Services field, enter the client scope of your Bosch IoT Things service instance which starts with service:iot-things.

    5. In the OAuth2 client scope for Bosch IoT Insights field, enter the client scope of your Bosch IoT Insights service instance.

    6. Click the Assign to OAuth2 client button to update the Bosch IoT Insights' scope.
      → The OAuth2 client update page in the Bosch IoT Suite Portal is displayed in a new tab.

    7. Click Update to save the Bosch IoT Insights' scope for your OAuth2 client.

    8. Close the tab.

  4. In the Namespace pane, add the following information of the Bosch IoT Things subscription.

    When you book a Bosch IoT Things service instance, you receive a solution. Within this solution, you can create namespaces. This has to be done on the IoT Things Dashboard or via the corresponding API. A namespace is required to use Bosch IoT Things with Bosch IoT Insights. Your Things will reside within this namespace. Example: com.example.myns.

    Find the detailed concept in the Namespace chapter of the Bosch IoT Things documentation.

    1. In the Namespace field, enter the namespace which you created in your Bosch IoT Things service instance.

    2. In the Default Policy ID field, enter the Default Policy ID, the namespace, and add :default as Policy ID, e.g. dev.test:default.

  5. Click the Switch to Custom or Save button.
    → The custom Bosch IoT Things service instance has been configured.

  6. Wait approximately 5 minutes before reloading the browser and testing the creation of new devices in your namespace using Bosch IoT Insights.

The Bosch IoT Things service instance configuration is cached for up to 5 minutes in different parts of Bosch IoT Insights. So it may take a while before the newly configured service instance can be used. If the cache has not been renewed yet, the Bosch IoT Things configuration page shows the warning The configured instance is currently not in effect. It should take no longer than 5 minutes.Reload the page and check if the warning is gone. When it is gone, the newly configured Bosch IoT Things service instance can be used.

Once the newly configured Bosch IoT Things service instance is in effect, you can browse to Devices > All Devices to see all Things in your namespace that you are allowed to view. If you miss Things, you might not have the necessary permissions to see them, refer to the Configuring the policy of existing Things section on how to get access.

Common errors

Default Policy could not be created: Failed to create policy dev.test:default: Check if the ID of your requested Policy was correct and you have sufficient permissions.

This error can be returned when the policy already exists and the API user is not allowed to access it.

→ Change the Default Policy ID.

Check the project configuration

Make sure you have set the valid credentials for your Bosch IoT Things instance booked with the Bosch IoT Device Management.

images/confluence/download/attachments/2232980530/insights-to-things.png

Check the Suite OAuth Client

The OAuth Client should now hold additionally the Insights entry.

images/confluence/download/attachments/2232980530/insight-oauth-token.png