We’re using tokens to authenticate and authorize users and applications. The tokens are issued by the account server. You can issue your own tokens if you implement your own account server too. We did not publish specifications for that yet because it is still in development. Tokens are signed with a private key and can be validated with a public key. This public key is required in the Broker to check if the token from the client (e.g. ttnctl) is valid.
It looks like you try to get the wrong key; the Broker tries to get the public key for validating the token from https://account.thethingsnetwork.org/key. The Broker tries this on start-up. If it fails, because there’s no internet, then the cached key is used. So make sure that your start the Broker at least once with an internet connection.
I use the standard command and I’m getting the following error message. I’ve managed to get the re-configured etc.
Setup up new account and password
Setup and Application
Associate the application
./ttnctl devices register personalized 02D1DD03
INFO Generating random NwkSKey and AppSKey…
FATAL Could not register device error=rpc error: code = 2 desc = Invalid operation: rpc error: code = 2 desc = Invalid operation: Unauthorized
Did you use the ttnctl applications use <AppEUI> command to activate your newly created application? See the AppEUI in the overview you get with ttnctl applications.
in the wiki could we add, it might make it a bit more clear for idiots like mw who need spoon feeding every command.
Application Management
Now create a new application with ttnctl applications create. In this example we will create an application named Hello World App. The
❯ ttnctl applications create ‘Hello World App’
INFO Application created successfully
If you work in a group, you can authorize your colleagues to manage the application with the ttnctl applications authorize command:
*Now type this to provide all the running details for you’re application. *
*> ttnctl applications * EUI Name Owner Access Keys Valid xxxxxxxxxxx xxx test1 test1@txxxx.xyz xxxxxxxxxxxxxxxxxxxxxxxxxxxxx= true
❯ ttnctl applications authorize 0807060504030201 john@doe.org
INFO User authorised successfully
I guess that once it id comletely develop you would provide some guide in order to know how to interface with a private account server too right?
Then that means too that for now if I want to use the TTN backed for a private network, I have to register my nodes into the TTN devices server otherwise I won’t see any traffic from my nodes since if they are not register, the broker wouldn’t allow them have access to the network, am I right?
I did it once, and now I don get the starting error in the broker, , thanks @johan
The account server tracks user information and applications only. The devices and their security keys are registered in the handler. You can easily use TTN’s account server for private networks. Only in offline scenarios you would need a local account server.
How is managed the downlink? Only the last request is kept (it seems the case; the node reveives only the downlink data from the last request)? The requests are queued in a fifo?
Thanks to the community and the core development team!
It is indeed a queue of size 1. We’re considering fifo and make the queue size configurable. We decided not to build it this way to keep it simple, both the handling of messages and configuration options. If you need this feature, please raise an issue on GitHub cause it’s not there yet.
Regarding the downlink: how can you tell the message for a node has been removed from the queue (in other words: can I check wether the queue for node x is still waiting?) and how do I know the message has been successfully delivered to/received by the node?
That is currently not possible. For this, we need to introduce a new topic, e.g. <AppEUI>/devices/<DevEUI>/down-tx. You can submit an issue for this on GitHub.