Azure IoT Hub
An Azure service that enables bidirectional communication between internet of things (IoT) devices and applications.
1,274 questions
In my case this thread helped me
Unable to Register Devices Using DPS Enrollment Group (401 Unauthorized)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 6%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Allen
0
Reputation points
We are encountering issues while attempting to register devices using an enrollment group in Azure IoT Device Provisioning Service (DPS) with symmetric key authentication. Despite following all the documented steps, the device registration fails with an HTTP 401 Unauthorized error (errorCode: 401002).
Here’s a summary of our setup and the steps taken:
DPS Configuration:
- Attestation Mechanism: Symmetric Key.
- Status: Enabled.
php Copy code SharedAccessSignature sr=<resourceUri>&sig=<generatedSignature>&se=<expiry>- Registration ID is explicitly set in the curl request and aligns with the enrollment group settings. **Steps Taken**: - Generated a SAS token using the primary key and the following formula:
php Copy code SharedAccessSignature sr=<scope>/registrations/<registrationId>&sig=<signature>&se=<expiry>Example SAS Token:- Used curl to send a PUT request to: ``` bash Copy code https://global.azure-devices-provisioning.net/<scope>/registrations/<registrationId>/register?api-version=2019-03-31 ``` - Headers included: - `Content-Type: application/json` - `Authorization: SharedAccessSignature sr=<resourceUri>&sig=<generatedSignature>&se=<expiry>` - Payload: ``` json Copy code {"registrationId": ``` **Observed Behavior**: - The DPS endpoint resolves successfully, and the request is sent without connection issues. - However, the response is consistently: ``` json Copy code { ``` **Troubleshooting Steps**: - Verified network connectivity to `global.azure-devices-provisioning.net`. - Confirmed the primary key and registration ID are correct. - Regenerated the primary key and retried the process. - Used multiple tools (curl, PowerShell) for manual testing. - Verified that the enrollment group settings in DPS are correctly configured. - Referenced Azure documentation and community forums for guidance. ```---
Request for Support
- Can you help identify why the registration is failing with
401 Unauthorized? - Are there additional configuration steps or settings that we may have overlooked?
- Could you assist in analyzing the issue using the
trackingIdprovided in the error response?
We can provide additional logs or screenshots as needed. Thank you!We are encountering issues while attempting to register devices using an enrollment group in Azure IoT Device Provisioning Service (DPS) with symmetric key authentication. Despite following all the documented steps, the device registration fails with an HTTP 401 Unauthorized error (errorCode: 401002).
Here’s a summary of our setup and the steps taken:
DPS Configuration:
- Attestation Mechanism: Symmetric Key.
- Status: Enabled.
php Copy code SharedAccessSignature sr=<resourceUri>&sig=<generatedSignature>&se=<expiry>- Registration ID is explicitly set in the curl request and aligns with the enrollment group settings. **Steps Taken**: - Generated a SAS token using the primary key and the following formula:
php Copy code SharedAccessSignature sr=<scope>/registrations/<registrationId>&sig=<signature>&se=<expiry>Example SAS Token:- Used curl to send a PUT request to: ``` bash Copy code https://global.azure-devices-provisioning.net/<scope>/registrations/<registrationId>/register?api-version=2019-03-31 ``` - Headers included: - `Content-Type: application/json` - `Authorization: SharedAccessSignature sr=<resourceUri>&sig=<generatedSignature>&se=<expiry>` - Payload: ``` json Copy code {"registrationId": ``` **Observed Behavior**: - The DPS endpoint resolves successfully, and the request is sent without connection issues. - However, the response is consistently: ``` json Copy code { ``` **Troubleshooting Steps**: - Verified network connectivity to `global.azure-devices-provisioning.net`. - Confirmed the primary key and registration ID are correct. - Regenerated the primary key and retried the process. - Used multiple tools (curl, PowerShell) for manual testing. - Verified that the enrollment group settings in DPS are correctly configured. - Referenced Azure documentation and community forums for guidance. ```---
Request for Support
- Can you help identify why the registration is failing with
401 Unauthorized? - Are there additional configuration steps or settings that we may have overlooked?
- Could you assist in analyzing the issue using the
trackingIdprovided in the error response?
We can provide additional logs or screenshots as needed. Thank you!
Azure IoT Hub
{count} votes
-
Sander van de Velde | MVP 36,766 Reputation points MVP Volunteer Moderator2024-12-23T22:55:56.53+00:00 Hello @Allen,
welcome to this moderated Azure community forum.
Better questions with more information lead to better answers from our community members.
you want to enroll devices via the DPS via a symmetric key. Is this a individual enrollement or a group enrollment?
-
Allen 0 Reputation points
2024-12-24T03:36:39.9766667+00:00 my question is regarding group enrollment
-
Allen 0 Reputation points
2024-12-24T03:38:20.2333333+00:00 it is clear in the topic which is : Unable to Register Devices Using DPS Enrollment Group (401 Unauthorized)
-
Allen 0 Reputation points
2024-12-24T05:37:42.5+00:00 I am trying to use group enrollment in Azure DPS to register my ESP32 device automatically. However, despite following the steps outlined in the documentation, I have been unable to achieve this. I even attempted to simulate the process manually, as described in my question, but I still encounter issues. This has left me completely confused as to why the registration is failing. I would appreciate any guidance or suggestions to help resolve this problem.
Sign in to comment
2 answers
Sort by: Most helpful
-
Vahid Ghafarpour 23,385 Reputation points Volunteer Moderator2024-12-23T19:46:16.9866667+00:00 -
Allen 0 Reputation points
2024-12-24T05:37:21.07+00:00 I am trying to use group enrollment in Azure DPS to register my ESP32 device automatically. However, despite following the steps outlined in the documentation, I have been unable to achieve this. I even attempted to simulate the process manually, as described in my question, but I still encounter issues. This has left me completely confused as to why the registration is failing. I would appreciate any guidance or suggestions to help resolve this problem.
Sign in to comment -
-
Sander van de Velde | MVP 36,766 Reputation points MVP Volunteer Moderator
2024-12-24T10:06:38.2766667+00:00 Hello Allen,
welcome to this moderated Azure community forum.
Please try the group enrollment first using a C# or Python application to prove the cloud part is set up correctly.
Check this blog post for an example about group enrollments. It uses Azure IoT Edge but this can be combined with this Python client example. That one comes with an individual DPS enrollment example but this would work for a group enrollment too.
Once this is set up correctly, you can try to connect your ESP32.
Apart from this NanoFramework example, I have no experience with these devices.
If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. All community members with similar issues will benefit by doing so. Your contribution is highly appreciated.