Bosch IoT Rollouts

Device and application integration

Bosch IoT Rollouts offers developers multiple options to integrate. Following, the north-bound API for application is described, before giving an overview about the south-bound APIs for device integration.

Application Integration

Bosch IoT Rollouts offers a Management API that allows applications to manage the repository and trigger provisioning operations. It is in general feature compliant with the Management UI (Classic).

However, small differences may occur here and there. The authentication and authorization structure is identical, i.e. a user can login both at Management API and UI with the same credentials and has the same permissions available.

  • Base URL: https://MGMT_API_HOST/rest/v1/ (cf. Rollouts access URLs)

  • Purpose: application access to Bosch IoT Rollouts

  • Type: RESTful web service

  • Security: Cloud User of Bosch IoT Rollouts or Bosch ID user

  • Open for 3rd party: yes

  • Detailed information: Bosch IoT Rollouts Management API

Device Integration

Bosch IoT Rollouts offers several options for device integration. Devices can be integrated using the Direct Device Integration API, connected via the Device Management Federation API, or utilize Bosch IoT Suite for Device Management and one of its protocol connectors (e.g. Bosch IoT Edge). The decision for the right device integration path is up to the integration party.

Direct Device Integration API

The Direct Device Integration API (DDI) allows direct integration from the device to the Bosch IoT Rollouts server. It has been designed with simplicity in mind as it is fully focused on software update. It allows device integrators to separate concerns by means of having distinguished channels for business data and general device management tasks on one side and software update on the other. As a result it is possible to keep the lifesaving provisioning process controller on the device separate from the more complex business functionality. A benefit of such an architecture should not be underestimated. As stated in the motivation chapter of Rollouts: “the software update process must never fail and also never be compromised as, at the one hand, it is used to fix close to any issue/problem on the device but at the same time also poses the greatest security threat if miss-used to introduce malicious code to the device.”

As a result of such a simple HTTP/REST/JSON based API, even a major back-end migration or disaster can be covered with simple web server hosting a text file that contains only the command to update one more time to execute a migration on the device. The API was designed on purpose in way to have that last resort even if we plan that this will never be necessary.

  • Base URL: https://DDI_API_HOST/TENANT_NAME/controller/v1/ (cf. Rollouts access URLs)

  • Purpose: direct device integration into Bosch IoT Rollouts

  • Type: RESTful web service

  • Security: certificate or pre-shared security token

  • Open for 3rd party: yes

  • Detailed information: Bosch IoT Rollouts Direct Device Integration API

Device Management Federation API

The Device Management Federation API (DMF) allows to combine the business data and Bosch IoT Rollouts connectivity.

This is especially useful if a constrained device cannot handle a TLS/HTTP connection, is supporting a standard device management protocol that covers also the software update part (e.g. TR-069, OMA-DM) or the device is already connect and Bosch IoT Rollouts is introduced later on.

  • Purpose: indirect device integration through a device management or connectivity service into Bosch IoT Rollouts

  • Type: AMQP messaging interface

  • Security: AMQP broker plain authentication

  • Detailed information: Bosch IoT Rollouts Device Management Federation API