Event notification channel
Event notification channel is a data pipe from Device Management to a web application. Subscribed events or asynchronous response events are delivered through it. It provides a queueing and delivery mechanism that ensures event delivery in case of temporary connectivity issues or load spikes.
The events are delivered in a NotificationMessage
. Your web application has two options to form a notification channel to receive the messages:
- Use the callback interface. Device Management sends a
NotificationMessage
as a request to your service. - Use the WebSocket interface to open a web socket.
Device Management pushes the following events through the event notification channel:
Event | Description |
---|---|
Device registration, deregistration and expiration events. | By default, sent on any device in the account. |
Notifications from subscribed Resources. | When a subscribed Resource changes, a device sends an event to Device Management. If a channel matching the subscribing API key is found, Device Management delivers the event to that channel. |
Proxy request results. | Asynchronous responses to the device's Resource operations are delivered to a web application. |
Properties
Property | Limit | Description |
---|---|---|
Queue size | 50 MB | The queue for one API key channel is limited to 50 MB. Reliable storage has some overhead for every stored notification. As an example, an event of 100 bytes can have more than 160,000 messages in the queue before the oldest ones are deleted. |
Event lifetime | 24 hours | Events Device Management has received more than 24 hours ago will be removed from the queue. You can use the event timestamp to see how old items there are in the queue and whether your system is keeping up with the event speed. |
Channel idle timeout | 48 hours | If there is no data coming in within 48 hours, the queue is removed. You will need to establish a new channel to start receiving events. |
Delivery fail timeout | 24 hours | Device Management tries to deliver events for 24 hours. If the remote end does not respond during that time, the channel is deleted. |
Batch size limit | 10,000 events (default) | Even one event in the queue triggers notification sending. The events come in batches of 1-10,000 depending on the number of events in the queue. You can adjust this with the max_chunk_size configuration. |
Events in a second | ~ 1000 events in a second | The callback channel can receive and deliver approximately 1000 events in a second. |
Note: Every notification channel is bound to the API key of an application. If two different application instances use the same API key, the application that sets the channel last overrides the previous one.
Callback interface
To register a callback interface, use /v2/notification/callback
. You can also use it to define optional headers. For example, you can set an authorization header with a token, or provide additional information to your web application.
To set a callback URL:
-
The web application calls
PUT /v2/notification/callback
and provides the callback URL in the body.Note: The callback URL in the web application must be publicly available to be accessed by Device Management Connect.
-
Device Management Connect verifies the callback URL by calling PUT with the given headers (headers are optional).
-
The web application responds with
200 OK
-
Device Management Connect stores the callback URL for the specific API key.
Note: Each API key can only have one callback URL. If you set another callback URL with the same API key, the first URL will be overwritten.
-
When an event occurs, Device Management Connect sends notifications messages to the callback URL, with the given headers.
Note: If sending to the callback URL fails continuously for 24 hours, the callback channel is removed. See Notification sending logic.
Securing the callback channel
To secure the callback channel, you must provide an HTTPS callback URL. The HTTPS protocol will encrypt all the data flowing from Device Management to your application, making it unintelligible for a potential interceptor.
The HTTPS protocol alone is not enough to secure the communication channel. There are two other factors that you should consider to ensure the callback channel security:
-
Ensure the data is coming from source that you can rely on (from Device Management). For that purpose, Device Management Connect presents a certificate signed by a trusted certificate authority (GlobalSign) with a Common Name (CN) set to
notifications.mbedcloud.com
when sending a request to the callback URL. This certificate should be validated.To validate the Device Management Connect certificate, you need to add the chain of trust from the GlobalSign root certificate in the customer's server:
-
- Subject: OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
- SHA1 Fingerprint: D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD
-
GlobalSign Organization Validation CA - SHA256 - G2
- Subject: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
- SHA1 Fingerprint: EF:90:B2:B8:6F:47:56:EB:E7:D3:6F:F3:01:5D:63:52:3A:00:76:E9
Note: You need to set the verification depth of the client certificates chain to 2 at least.
-
-
Ensure the data is coming from a source you have authorized. You need to include an optional authorization header during the callback channel creation.
If you added the authorization header during the channel creation, it will be included in all callback requests and you can authorize the requests based on it.
WebSocket interface
To set up a WebSocket interface, use /v2/notification/websocket
. The WebSocket interface does not wait for an application level ACK but sends the next patch when the transport level has succeeded.
Note: A single websocket channel can deliver a few thousand events per second.
To set up the WebSocket:
- The web application calls
PUT /v2/notification/websocket
to create the channel.- Subscribed events are received immediately when the channel is registered. The events bundle is delivered once the socket is eventually opened.
- If the WebSocket is closed but the channel remains, it keeps receiving and storing messages until the WebSocket is connected again or for 24 hours, after which the channel will be removed.
- When opening the channel, its status is
disconnected
and it changes toconnected
whenever the channel has an active WebSocket bound to it.
- The web application calls
GET /v2/notification/websocket-connect
. The web application must provide the API key used in the previous step, in theSec-WebSocket-Protocol
header, or as a bearer token in the Authorization header if the WebSocket client supports it. - Device Management verifies the API key and accepts the WebSocket, returning with HTTP status
101 Switching Protocols
(most WebSocket libraries handle this handshake transparently). - Device Management pushes notification events to the socket until the client or server closes it. The server closes automatically after 24 hours of inactivity, or if an error occurs. Closing the socket from client closes the channel, too.
Note: Device Management will ping your web service to keep the connection open. Most clients can handle the pings automatically. If the ping frame is not responded within a few seconds, the connection is considered lost and the server will attempt closing the WebSocket with code 1001 (Going away)
, including a message about the ping timeout. The ping frame from the server consists of four bytes which the server expects the client to echo in the response frame ('pong').
The server may close the WebSocket for various reasons. The close frame contains a WebSocket close status code along with a reason (string). Possible reasons for closing the socket from the server are:
Status code | Reason | Description |
---|---|---|
1000 | Normal close | Socket closed by client. |
1001 | Going away | If the channel is deleted with a REST call or the server is shutting down or if a WebSocket is already opened with the given API key, the first created socket will be closed with this code. |
1006 | Abnormal close | The connection is lost without either party sending a close frame. This code is never set by Device Management. |
1008 | Policy violation | Authentication fails due to an invalid or missing API key header when connecting. |
1011 | Unexpected condition | No channel has been registered for this API key. |
1012 | Server restart | Set, for example, when the server is balancing load between nodes, restarting for update, or being maintained. The client should reconnect after receiving this status code. A short reconnect delay is recommended. |
Note: You must implement reconnection logic. The server may close connections in the cases of load balancing, service restart, or software update. The client should try to reconnect after a short delay for codes 1006 and 1012.
The following example demonstrates connecting to the WebSocket channel using HTML5 WebSocket API from a browser:
var socket = new WebSocket("wss://<HOST>/v2/notification/websocket-connect", ["wss", "pelion_{API_KEY}"]);
socket.onopen = function(event) {
console.log("WebSocket opened");
};
socket.onmessage = function(event) {
console.log("Notification received: " + event.data);
};
socket.onerror = function(err) {
console.log("Error occurred");
};
socket.onclose = function(event) {
console.log("WebSocket closed");
};
Configuring the channel
You can configure the channel according to your needs. For example, you can use the device's endpoint name instead of the device ID for the events. Read more about device identity.
For the channel configuration options, see v2/notification/callback and v2/notification/websocket.
Pull interface
The pull notification method is replaced by WebSocket interface and will be removed from the service.
Notification sending logic
Notifications are delivered in batches of up to 10,000 items. When the web application responds with 200 OK
to the current notification batch, Device Management sends the next batch. The web application should respond quickly, as while the batch is in delivery, the notification queue size grows and the next batch of notifications is larger.
The same logic applies to the pull interface: when a new pull request is sent, Device Management Connect responds with a batch of notifications.
On rare occasions, callback and websocket channels may receive duplicate notifications. You can configure the callback and websocket channels to contain a message identifier for each notification. Use it to detect duplicates. See channel serialization configuration for more details.