Nabto Edge Embedded Device SDK

The Nabto Edge Embedded Device SDK is to be integrated with the vendor’s embedded device application. It then provides secure, remote and local access to the vendors application through the Nabto Edge platform. The SDK is open source and ANSI C based.

DEVICE CONTEXT

The Device Context API manages the opaque device references that all interaction with the API takes place through.

CONNECTION

The Connection API enables the application to get notified on incoming connections and query established connections. This API is typically not necessary to integrate directly with from applications.

STREAMS

The Streams API enables exchange of data between client and device on top of a Nabto connection using a socket like abstraction. The stream is reliable and ensures data is received ordered and complete. If either of these conditions cannot be met, the stream will be closed in such a way that it is detectable.

TCP TUNNELLING

The TCP Tunnel API is a high level wrapper for streaming, allowing applications to tunnel traffic through Nabto by integrating through a simple TCP socket, just like e.g. SSH tunnels. TCP Tunnels can hence be used to quickly add remote access capabilities to existing applications that already support TCP communication.

CoAP

The CoAP API allows exchange of CoAP messages on top of a Nabto connection between a client and device. This is conceptually similar to Nabto 4 RPC but much more robust and complete.

SERVICE INVOCATION

Service invocation allows the device to invoke a custom HTTP service configured in the basestation. This makes it possible to integrate with external services without needing a client initiated connection to the device - and without needing an HTTPS client implementation on the device.

FCM NOTIFICATIONS (MOBILE PUSH)

Integration with Firebase Cloud Messaging (FCM) notifications allows the device to send push notifications to typically mobile clients.

mDNS

In Nabto Edge, local devices are discovered using mDNS (BonJour). A device application can either use the built in mDNS functionality or use a third party mDNS implementation. This section describes the built-in mDNS implementation to allow clients to discover a device.

FUTURES

The Future API makes it possible to use the async functions in this SDK either as callback based, blocking based or polled.

LISTENERS

The Listener API supports asynchronous functions that are expected to be invoked recurringly, for instance when an incoming CoAP request is received or a new stream is accepted.

PASSWORD AUTHENTICATION

Nabto Edge supports password authentication. It is recommended to only use this in initial bootstrapping (pairing) and then subsequently use public key based authentication. This pattern is implemented by the Nabto Edge IAM module that makes it simple to use for applications. But the low-level password authenticaton API is also available for application to use if desired.

AUTHORIZATION

The Authorization API allows the application to make authorization decisions for the core. That is, the core asks the application to decide if a given authorization request should be approved or rejected. By using the IAM module, this API invoked automatically to enforce IAM policies on client connections.

SERVER CONNECT TOKENS

Server connect tokens enable the device to decide who can access it through the server (basestation). The tokens should not be used as the only authorization mechanism but be seen as a filter for which connections is allowed from the internet to the device, e.g. to prevent DoS attacks on devices.

LOGGING

The logging API allows the application to retrieve log messages from the core SDK and configure the desired core log level.

MISC - MDNS, VERSION INFO, ERRORS, STRINGS

Functions for starting the optional MDNS server, getting the SDK version, accessing error info and freeing SDK allocated resources.