Nabto Edge Embedded Device SDK

The Nabto Edge Embedded Device SDK is to be integrated with the vendor’s embedded device application. It then provides secure, remote and local access to the vendors application through the Nabto Edge platform. The SDK is open source and ANSI C based.


The Device Context API manages the opaque device references that all interaction with the API takes place through.


The Connection API enables the application to get notified on incoming connections and query established connections. This API is typically not necessary to integrate directly with from applications.


The Streams API enables exchange of data between client and device on top of a Nabto connection using a socket like abstraction. The stream is reliable and ensures data is received ordered and complete. If either of these conditions cannot be met, the stream will be closed in such a way that it is detectable.


The TCP Tunnel API is a high level wrapper for streaming, allowing applications to tunnel traffic through Nabto by integrating through a simple TCP socket, just like e.g. SSH tunnels. TCP Tunnels can hence be used to quickly add remote access capabilities to existing applications that already support TCP communication.


The CoAP API allows exchange of CoAP messages on top of a Nabto connection between a client and device. This is conceptually similar to Nabto 4 RPC but much more robust and complete.


Service invocation allows the device to invoke a custom HTTP service configured in the basestation. This makes it possible to integrate with external services without needing a client initiated connection to the device - and without needing an HTTPS client implementation on the device.


Integration with Firebase Cloud Messaging (FCM) notifications allows the device to send push notifications to typically mobile clients.


In Nabto Edge, local devices are discovered using mDNS (BonJour). A device application can either use the built in mDNS functionality or use a third party mDNS implementation. This section describes the built-in mDNS implementation to allow clients to discover a device.


The Future API makes it possible to use the async functions in this SDK either as callback based, blocking based or polled.


The Listener API supports asynchronous functions that are expected to be invoked recurringly, for instance when an incoming CoAP request is received or a new stream is accepted.


Nabto Edge supports password authentication. It is recommended to only use this in initial bootstrapping (pairing) and then subsequently use public key based authentication. This pattern is implemented by the Nabto Edge IAM module that makes it simple to use for applications. But the low-level password authenticaton API is also available for application to use if desired.


The Authorization API allows the application to make authorization decisions for the core. That is, the core asks the application to decide if a given authorization request should be approved or rejected. By using the IAM module, this API invoked automatically to enforce IAM policies on client connections.


Server connect tokens enable the device to decide who can access it through the server (basestation). The tokens should not be used as the only authorization mechanism but be seen as a filter for which connections is allowed from the internet to the device, e.g. to prevent DoS attacks on devices.


The logging API allows the application to retrieve log messages from the core SDK and configure the desired core log level.


Functions for starting the optional MDNS server, getting the SDK version, accessing error info and freeing SDK allocated resources.