MQTT Authentication
MQTT Authentication
Section titled “MQTT Authentication”SiliconWit.IO requires authentication for all MQTT connections to ensure your data stays secure.
Authentication Method
Section titled “Authentication Method”Every device uses username/password authentication:
| Field | Value |
|---|---|
| Username | Your Device ID |
| Password | Your Access Token |
| Client ID | Your Device ID |
Getting Credentials
Section titled “Getting Credentials”- Log in to your Dashboard
- Go to Devices → Select your device
- Find your Device ID (always visible)
- Click Reveal Token to see your Access Token
Connection Example
Section titled “Connection Example”const char* device_id = "dev_a1b2c3d4e5f6";const char* access_token = "tok_xxxxxxxxxxxxxxxxxxxxxxxx";
// Connect with authenticationclient.connect(device_id, device_id, access_token);TLS Encryption
Section titled “TLS Encryption”For production deployments, use TLS to encrypt your connection:
Port 8883 (MQTT over TLS)
Section titled “Port 8883 (MQTT over TLS)”#include <WiFiClientSecure.h>
WiFiClientSecure secureClient;PubSubClient mqtt(secureClient);
void setup() { // For testing (accepts any certificate) secureClient.setInsecure();
// For production (verify server certificate) // secureClient.setCACert(root_ca_cert);
mqtt.setServer("mqtt.siliconwit.io", 8883);}WebSocket Secure (WSS)
Section titled “WebSocket Secure (WSS)”For browser or WebSocket clients:
wss://mqtt.siliconwit.io:8084/mqttTopic Authorization
Section titled “Topic Authorization”Devices can only access their own topics:
| Allowed | Not Allowed |
|---|---|
devices/{your-id}/telemetry | devices/{other-id}/telemetry |
devices/{your-id}/commands | devices/+/telemetry |
devices/{your-id}/status | # |
Attempting to publish or subscribe to unauthorized topics will fail silently or disconnect the client.
Token Security Best Practices
Section titled “Token Security Best Practices”- Store tokens in secure storage or environment variables
- Use TLS in production
- Rotate tokens periodically
- Use unique tokens per device
- Hardcode tokens in source code (use config files)
- Share tokens between devices
- Log or print tokens
- Send tokens over unencrypted connections
Regenerating Tokens
Section titled “Regenerating Tokens”If a token is compromised:
- Go to Dashboard → Devices → Select device
- Click Security tab
- Click Regenerate Token
- Update your device with the new token
Regenerating a token immediately invalidates the old one. Your device will disconnect until updated.
API Key Authentication
Section titled “API Key Authentication”For server-to-server communication, use API keys instead:
curl -X POST https://api.siliconwit.io/v1/devices/abc123/telemetry \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{"temperature": 25.5}'API keys are managed in Dashboard → Settings → API Keys.
Connection Limits
Section titled “Connection Limits”| Plan | Concurrent Connections |
|---|---|
| Starter | 3 |
| Business | 50 |
| Enterprise | Unlimited |
Each device can have one active MQTT connection. Opening a new connection with the same credentials will disconnect the previous one.
Troubleshooting
Section titled “Troubleshooting”Connection Refused (Error 5)
Section titled “Connection Refused (Error 5)”- Cause: Invalid username or password
- Fix: Verify Device ID and Access Token are correct
Connection Lost Repeatedly
Section titled “Connection Lost Repeatedly”- Cause: Another client using same credentials
- Fix: Ensure only one connection per device
TLS Handshake Failed
Section titled “TLS Handshake Failed”- Cause: Certificate verification failed
- Fix: Update device time (NTP), or use
setInsecure()for testing
Next Steps
Section titled “Next Steps”- MQTT Basics - Protocol fundamentals
- Quick Start - Get connected