Bosch IoT Rollouts offers developers multiple options to integrate. The north-bound API for the application is described next, followed by an overview of the south-bound APIs for device integration.

Application Integration

Bosch IoT Rollouts offers a Management API that allows applications to manage the repository and trigger provisioning operations. It is a general feature that complies with the Management UI.

However, small differences may occur here and there. The authentication and authorization structure is identical: a user can log in to both the Management API and the UI with the same credentials, and has the same permissions available.

  • Base URL: https://MGMT_API_HOST/rest/v1/ (cf. Rollouts access URLs)
  • Purpose: application access to Bosch IoT Rollouts
  • Type: RESTful web service
  • Security: Cloud User of Bosch IoT Rollouts or Bosch ID user
  • Open for 3rd party: yes
  • Detailed information: Bosch IoT Rollouts Management API

Device Integration

Bosch IoT Rollouts offers several options for device integration. Devices can be integrated using the Direct Device Integration API, connected via the Device Management Federation API. The decision for the right device integration path is up to the integration party.

Direct Device Integration API

The Direct Device Integration (DDI) API (DDI) allows direct integration from the device to the Bosch IoT Rollouts server. It has been designed with simplicity in mind, focusing solely on software updates. It allows device integrators to separate concerns by using distinct channels for business data and general device management tasks on one side, and software updates on the other. As a result, it is possible to keep the lifesaving provisioning process controller on the device separate from the more complex business functionality. A benefit of such an architecture should not be underestimated. As stated in the motivation chapter of Rollouts: “the software update process must never fail and also never be compromised as, on the one hand, it is used to fix close to any issue/problem on the device but at the same time also poses the greatest security threat if misused to introduce malicious code to the device.”

As a result of such a simple HTTP/REST/JSON-based API, even a major back-end migration or disaster can be handled by a simple web server hosting a text file containing only the command to update the device one more time to execute the migration. The API was designed with that last resort in mind, even though we plan that it will never be necessary.

  • Base URL: https://DDI_API_HOST/TENANT_NAME/controller/v1/ (cf. Rollouts access URLs)
  • Purpose: direct device integration into Bosch IoT Rollouts
  • Type: RESTful web service
  • Security: certificate or pre-shared security token
  • Open for 3rd party: yes
  • Detailed information: Bosch IoT Rollouts Direct Device Integration (DDI) API

Device Management Federation API

The Device Management Federation (DMF) API allows combining business data with Bosch IoT Rollouts connectivity.

This is especially useful if a constrained device cannot handle a TLS/HTTP connection, supports a standard device management protocol that also covers the software update part (e.g., TR-069, OMA-DM), or the device is already connected, and Bosch IoT Rollouts is introduced later on.

  • Purpose: indirect device integration through a device management or connectivity service into Bosch IoT Rollouts
  • Type: AMQP messaging interface
  • Security: AMQP broker plain authentication
  • Detailed information: Bosch IoT Rollouts Device Management Federation (DMF) API