Bosch IoT Device Management - will be discontinued by mid 2024

Register a device via the Device Provisioning API

The getting started section has already taught you how to register a device through the Bosch IoT Manager console.
However, you can achieve the same outcome via the "Device Provisioning API", and this guide will explain exactly how.

Using this approach will allow your thing to be "visible" for all parts of your IoT application which communicate with the Bosch IoT Device Management.

The authScope field can be used and set to deviceManagementSubscription, meaning your complete subscription (all users, clients and components) will be able to access it.

Your entry point into our interactive API documentation is Bosch IoT Suite - Device Provisioning.

Provisioning request


  1. Authorize with a JWT
    For example, Create a Suite Auth client, or copy the token offered at the Bosch IoT Manager UI.

  2. Use the provisioning resource.
    POST /{service-instance-id}/devices

  3. Click Try it out to get all entry fields editable.

  4. Set the authScope to deviceManagementSubscription.

  5. Set the service-instance-id.
    To look it up, navigate to the Bosch IoT Suite UI>Subscriptions, select your relevant subscription on the list, and from the details view on the right copy the value of your Instance ID. Then switch back to the API docs to enter it in the respective field.

  6. Edit the content for the body.

  7. Set the minimal request body.

    • The "id" value needs to be defined by you.
      In case you have not defined a namespace yet, you will need to do it now. See Register a namespace

    • The "hub" entries :
      For your
      credentials you can set the password in plain text here, as we use HTTPS.
      It will be stored on the backend in the hashed form.

    • The "thing" entry could theoretically remain empty (an empty "POST" thing is supported and would generate an empty thing and its default policy).

      "id": "your.namespace:device-0101",
      "hub": {
      "device": { },
      "credentials": {
      "type": "hashed-password",
      "secrets": [
      "password": "your-secret-in-plain-text-will-be-hashed-automatically"
      "things": {
      "thing": {
      "attributes": {
      "manufacturer": "My awesome company"
  8. Click Execute to submit the request.

  9. Verify that the request was successful Code 201.


You can download the result as JSON for further requests.

The field _policy will reveal which subjects are allowed to read or write the thing.


Upon success, you will have created a device, corresponding to a thing with a policy, which authorizes all users, clients and components who have access to the same Bosch IoT Device Management subscription.

The policy is grouped by default in following sections

  • DEFAULT - authorized subjects are those who triggered the provisioning (e.g. the subjects derived from the Suite Auth token)

  • DEVICE-MANAGEMENT - authorized subjects are Bosch IoT Manager and Bosch IoT Rollouts as well as the managed connection from Bosch IoT Things to Bosch IoT Manager

  • DEVICE - authorized subject is the connection from Bosch IoT Hub to Bosch IoT Things

Check visibility

The new created thing should be visible at the Bosch IoT Suite Console, the Bosch IoT Things UI and the Bosch IoT Manager UI as a device, alike.