Access Keys

To connect your devices to the Losant MQTT Broker, you must use a set of security credentials called access keys. Access keys consist of a generated key and secret pair. An access key can be used to authenticate multiple devices in an application, or multiple access keys can be created to scope your devices into virtual security groups.

Access Keys

You can view the access keys for an application by choosing “Access Keys” in the Application menu bar.

Generating an Access Key

Access keys can be added to your application by using the “Add Access Key” button on the Access Keys page.

Generating Losant Access Key

Access Key Device Restrictions

Access keys can be valid for any device within an application or restricted to only a subset of devices.

Access Key Device Restrictions

NOTE: For production, it’s best practice to not make a key for all devices.

A restricted key will only be usable for authentication of the devices you define, and any device authenticated using a restricted key will be able to see state and command MQTT topics of only other devices that are in that same restricted scope. Restrictions can be specified with a Device Query and/or Device Tag Query.

Additional MQTT Topics Access

By default, access keys only allow access to the device-specific topics (e.g. state and commands) for every device you have allowed. Optionally, you can specify multiple non-device MQTT topics.

Additional MQTT Topics Access

Additional MQTT Topics:

  • All topics: Allow access to device-specific topics and all custom topics
  • No additional topics: (default) Allow access to only device-specific topics
  • Only the following additional topics… : Allow access to device-specific topics and specific custom topics.

Topics must be valid MQTT topics, and furthermore, they cannot be MQTT system topics, or Losant-specific topics (ex. /losant/DEVICE_ID/state). As well as specifying topics you can restrict access to subscribing and/or publishing of each particular topic.

Note: Device restrictions cannot be edited after the key is created, while MQTT Topic can be edited after key creation.

Access Secret

After creating, the newly generated key and secret will be displayed. You will either need to copy your key and secret to a secure location or download them to a file on your computer.

Access Key Generated

IMPORTANT: Losant does not store key secrets, and they cannot be recovered or regenerated if lost. If you fail to save your key secret before closing the window, you will have to generate a new access key / secret pair.

After you’ve saved your access key and secret, check the “I have copied my access key and secret to a safe place” box and click “Close Window”.

Deleting / Deactivating an Access Key

To temporarily deactivate an access key:

  • Click the switch alongside the access key in the list view, OR
  • From the access key’s detail page, toggle the switch from “active” to “inactive”.

Delete Key

If an access key is no longer needed, or you believe it has been compromised, you may permanently delete it by:

  • Clicking on the Delete icon in the access key list, OR
  • Clicking the Delete Access Key button on the access key’s detail page

Using Access Keys

To find out more about using access keys with our MQTT clients, check out the various Losant MQTT client libraries. To learn more about using access keys with our REST API, check out the various Losant REST client libraries.