MQTT connect failed with unauthorized error

bind_87 1 Reputation point
2021-02-20T07:15:34.507+00:00

Hi,

I am facing issue with MQTT connect from my device to IoT Hub.
Have taken the primary connection string after device creation on Azure portal and provided the same to my application and trying to perform MQTT connection.
Receiving MQTT connack with failure value '5' (Unauthorized error).

I suspected that the sas token generated prior to MQTT connect could be the problem so also tried with sas token generated from Azure cli by following "Generate a device SAS token using the iothubowner policy to access the {iothub_name} device registry." and removed the device key from connection string and provided the signature. But observe the same error.

Could you please provide some pointers on what could be the issue.

Thanks

Azure IoT Hub
Azure IoT Hub
An Azure service that enables bidirectional communication between internet of things (IoT) devices and applications.
1,147 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Sander van de Velde | MVP 30,556 Reputation points MVP
    2021-02-20T14:26:16.95+00:00

    Hello @bind_87 ,

    the connection string of an Azure IoT Hub device looks like:

    HostName=edgedemo-ih.azure-devices.net;DeviceId=mslearndevice;SharedAccessKey=o[removed a big part]g=  
    

    The connection string of the IoT Hub owner shared access policy looks like this:

    HostName=edgedemo-ih.azure-devices.net;SharedAccessKeyName=iothubowner;SharedAccessKey=Y[removed a big part]4=  
    

    You can find that connection string here:

    70291-image.png

    Note: the iot hub owner key gives full access to your (internet connected) IoTHub. Normally, do not expose it out Azure (only use it within other services running in the cloud).


  2. AshokPeddakotla-MSFT 29,906 Reputation points
    2021-03-15T17:00:22.42+00:00

    @bind_87 If your device uses MQTT protocol, verify that port 8883 is open. For more details, see Connecting to IoT Hub (MQTT). The MQTT port (8883) is blocked in many corporate and educational networking environments. If you can't open port 8883 in your firewall, we recommend using MQTT over Web Sockets. MQTT over Web Sockets communicates over port 443, which is almost always open in networking environments. To learn how to specify the MQTT and MQTT over Web Sockets protocols when using the Azure IoT SDKs, see Using the device SDKs.

    Also, I would suggest you check this troubleshooting guide for common errors and resolutions and let us know if that solves your issue.

    0 comments No comments