Self-Registering MQTT Clients
Simple self-registration for MQTT clients with username and password.
The MQTT client self-registration via authentication attempt process allows you to securely add new MQTT clients to Connectware via self-registration without having to handle passwords manually. This method works with any standard MQTT client and requires minimal configuration because clients generate their own passwords during registration.
New users created through this process have no permissions by default. Administrators must explicitly assign appropriate permissions after registration is complete.
For registering clients including additional information, such as context details, role requests, permission specifications, and certificate signing requests (CSRs), in their registration payload, see Client Self-Registration via REST API.
Registration Workflow
The MQTT client self-registration process via authentication attempt follows these steps:

The Connectware administrator unlocks the Client Registry from the Client Registry View.
An MQTT client attempts to connect using credentials for a non-existent user.
Connectware logs the attempt, rejects the request, and creates a pending registration entry.
The administrator reviews and approves the registration in the Client Registry View.
Connectware creates a user with the provided credentials.
The administrator assigns roles or permissions to the new user.
The MQTT client reconnects with the same credentials and successfully authenticates.
Initiating the Self-Registration (MQTT Client)
Prerequisite
The Client Registry must be unlocked by a Connectware administrator.
Initiating the Self-Registration
To initiate the self-registration, the MQTT client must attempt to connect using basic authentication (username/password).
Example
mosquitto_pub -h <connectware-host> -p 1883 -u "<username>" -P "<password>" -i "<client-id>" -t "devices/sensor3/data" -m "temperature"
Once the request is initiated
The MQTT client receives an authentication error.
Connectware logs the credentials as a pending registration.
A Connectware admin must now review and approve the request.
After approval, the MQTT client retries with the same credentials and successfully connects.
Approving Self-Registration Requests (Admin)
After an MQTT client attempts registration, the Connectware admin must approve the request before the client can access the system.
Approving Self-Registration Requests via REST API
To approve self-registration requests via REST API, refer to the
Confirm a single authentication request
parameter documented in the Auth Server API Reference.
Approving Self-Registration Requests via Admin UI
To approve the self-registration requests via the Admin UI, do as follows:
In the Client Registry View, click the Unlock button to temporarily unlock the self-registration. The registry will remain open for five minutes and will automatically lock again after this period. You can manually lock the registry by clicking the Lock button.

Locate the pending registration request in the registry table.

Click the request to open the Grant Access dialog.
Review the request details and click Allow to approve registration.

In the navigation panel, click User and confirm that the new user appears in the list.
Assign appropriate roles or permissions. For more information, see Adding Roles to Users.
Last updated
Was this helpful?