Manage the endpoint of an instance - IoT Platform - Alibaba Cloud Documentation Center

If you use a device SDK, IoT Platform SDK, or Advanced Message Queuing Protocol (AMQP) SDK, you must specify the endpoint of the instance to which you want to connect your device. This topic describes how to obtain the endpoint of an instance.

Prerequisites

Before you obtain the endpoint of an IoT Platform instance, you must check the type of the instance and the region in which the instance resides.

Instance	Region	Description	Method
Public instances of the previous version	Singapore, China (Shanghai), and Japan (Tokyo).	On the Overview page of the IoT Platform console, no instance ID is displayed. You cannot click an instance to go to the Instance Details page. Note Public instances of the new version are not available in the Singapore and Japan (Tokyo) regions. All public instances in the preceding regions are of the previous version.	As a result, you cannot view the development configurations of an instance in the IoT Platform console. This topic describes all endpoint information that is required to connect your device to IoT Platform. For more information, see View the endpoint information of a public instance of the previous version or an Enterprise Edition instance.
Public instances of the previous version	US (Virginia), Germany (Frankfurt), and US (Silicon Valley)	If no Enterprise Edition instance is purchased, a public instance of the previous version is used, and no Overview page is displayed in the IoT Platform console.
Public instances of the new version	China (Shanghai)	On the Overview page of the IoT Platform console, an instance ID is displayed. Click the instance ID to go to the Instance Details page.	On the Instance Details page of the IoT Platform console, click View Development Configurations in the upper-right corner to open the Development Configurations panel that displays the endpoint information. For more information, see the "View the endpoint information of a public instance of the new version or an Enterprise Edition instance" section of this topic.
Enterprise Edition instances	China (Shanghai), Singapore, and Japan (Tokyo)

For more information about IoT Platform instances, see Overview.

Background information

For more information about how to configure SDKs, see Link SDKs, IoT Platform SDK, and Connect an AMQP client to IoT Platform.

Usage notes

If you use AMQP-based server-side subscriptions or call IoT Platform API operations to connect devices to an IoT Platform instance over the Internet by using Message Queuing Telemetry Transport (MQTT), Constrained Application Protocol (CoAP), or HTTP, you must specify a public endpoint when you configure the devices.
If you use AMQP-based server-side subscriptions or call IoT Platform API operations to connect devices to an IoT Platform instance over a virtual private cloud (VPC) by using MQTT, you must specify a VPC endpoint when you configure the devices.
If you want to connect devices to an Enterprise Edition instance by using MQTT, you can bind a fixed IP address to the instance endpoint.
If you use an Exclusive instance, you must create a separate MQTT endpoint. Then, you can specify a custom port number and certificate for the endpoint.

View the endpoint of a public instance of the previous version

Communication Type	Endpoint format	Port Number
MQTT	`${YourProductKey}.iot-as-mqtt.${YourRegionId}.aliyuncs.com`	1883 or 443. If MQTT over WebSocket is used, set this parameter to 443.
CoAP	`${YourProductKey}.coap.cn-shanghai.link.aliyuncs.com`	If Datagram Transport Layer Security (DTLS) is used, set this parameter to 5684. If symmetric encryption is used, set this parameter to 5682.
HTTP	Unique-certificate-per-device verification: `https://iot-as-http.${YourRegionId}.aliyuncs.com`	443.
HTTP	Pre-registration unique-certificate-per-product verification: `iot-auth.cn-shanghai.aliyuncs.com` Important The HTTPS-based pre-registration unique-certificate-per-product verification method is supported only if you connect devices to instances that reside in the China (Shanghai) region.	443.
AMQP	`${uid}.iot-amqp.${YourRegionId}.aliyuncs.com`	If you use a Java, .NET, Python 2.7, Node.js, or Go client, the port number is 5671. If you use a Python 3 or PHP client, the port number is 61614.
IoT Platform API request	The API request is in the http://Endpoint/?Action=**&Parameters format. For more information, see Initiate API requests.	N/A

Configure the parameters based on your business requirements. The following table describes the parameters.

Parameter	Description
`${YourProductKey}`	The ProductKey of the product to which the device belongs. You can log on to the IoT Platform console and obtain the ProductKey on the Device Details page of the instance.
`${YourRegionId}`	The ID of the region in which your device resides. For information about the format of region IDs, see Supported regions.
`${uid}`	The ID of your Alibaba Cloud account. You can log on to the IoT Platform console, and move the pointer over the profile picture to view the account ID.

View the endpoint of a public instance of the new version or an Enterprise Edition instance

Log on to the IoT Platform console. In the top navigation bar, select the region where the instance whose details you want to view resides.
On the Overview page, click the name or ID of the instance that you want to manage.
In the upper-right corner of the Instance Details page, click View Development Configurations.
In the Development Configurations panel, click the MQTT, CoAP, or HTTP tab to view the endpoint that is used by your device based on the protocol.
Important
If you use an Exclusive instance, you must create an MQTT endpoint. For more information, see Create a separate MQTT endpoint for an Exclusive instance.
On each tab, perform the following operations:
- Click Copy to copy the instance endpoint.
- Click the icon next to the endpoint to view the port number.
Note
For information about the port, see the "View the endpoint of a public instance of the previous version" section of this topic.
Important
If you connect devices to IoT Platform over HTTPS, the unique-certificate-per-device verification method and the pre-registration unique-certificate-per-product verification method are supported. However, the endpoints of the verification methods are different.
- If you use the unique-certificate-per-device verification method, the endpoint is displayed on the HTTP tab.
- If you use the pre-registration unique-certificate-per-product verification method, the IoT Platform instances to which you want to connect devices must reside in the China (Shanghai) region and use iot-auth.cn-shanghai.aliyuncs.com endpoint.

Bind a fixed IP address to an endpoint

Fixed IP addresses prevent your Domain Name System (DNS) records from being updated when IoT Platform expands the list of IP addresses. If you use IoT cards and your carrier does not support endpoints, you can add your fixed IP address to the list of directional IP addresses of the carrier.

Note

The IP address may change due to various reasons, such as the relocation of the data center of your carrier. If your device accesses a fixed IP address, you must send commands from IoT Platform or perform an over-the-air (OTA) update to synchronize the IP address to your device. Otherwise, your device cannot connect to IoT Platform.

We recommend that you use endpoints to connect your device to IoT Platform. This way, you are notified before an IP address is changed.

To bind fixed IP addresses to the endpoint to which you want to connect devices over the Internet by using MQTT, perform the following steps:

If you use a non-Exclusive Enterprise Edition instance, you can bind two fixed IP addresses to the endpoint.
1. In the upper-right corner of the Instance Details page of the non-Exclusive Enterprise Edition instance, click View Developer Configurations.
2. In the Development Configurations panel, click Configure to the right of Fixed IP on the MQTT tab.
3. In the dialog box that appears, click OK to obtain two fixed IP addresses.
If an MQTT device no longer requires fixed IP addresses, click Unbind.
After you create a public MQTT endpoint for an Exclusive instance, the system automatically associates a fixed IP address with the instance. You do not need to perform additional operations. You cannot disassociate the fixed IP address from the instance.

Create a separate MQTT endpoint for an Exclusive instance

To create an MQTT endpoint for an Exclusive instance, perform the following steps:

In the upper-right corner of the Instance Details page of the Exclusive instance, click View Development Configurations.
In the Development Configurations panel, click Create on the MQTT tab.

In the Create Endpoint dialog box, configure the parameters. The following table describes the parameters.

Parameter	Description
Custom Port Number	The port number of the MQTT endpoint. Default value: 1883.
Enable VPC	Yes: Enable VPCs. If you select Yes, you must specify a VPC, a zone, a vSwitch, and a security group. The system automatically creates a public MQTT endpoint and a VPC MQTT endpoint. Important If you want to enable VPCs for MQTT endpoints, you must activate PrivateLink for VPCs. If PrivateLink is not activated in your Alibaba Cloud account, you must go to the VPC console to activate PrivateLink. No (default): Disable VPCs. The system automatically creates a public MQTT endpoint. Important If you select No, you cannot enable VPCs.
Authorize	If you want to enable VPCs, you must complete authorization. Click Authorize. The system automatically creates a role and a policy that grant devices the permissions on VPCs over which you want to connect the devices to IoT Platform. For more information, see Service-linked roles.
VPC	After you enable VPCs and complete authorization, you must configure these parameters. Select an existing VPC and vSwitch in the current Alibaba Cloud account. You can click CreateVPC and CreateVSwitch to create a VPC and a vSwitch. For more information, see Create a VPC and Create a vSwitch.
vSwitch Zone
VSwitch
Security Group	After you enable VPCs and complete authorization, you must configure this parameter. Select an existing security group in the current Alibaba Cloud account. You can click CreateSecurity Group to create a security group. For more information, see Create a security group.

Click OK.
After you create the endpoint, the endpoint is displayed in the Connect to MQTT Devices section.

Create a custom certificate for the MQTT endpoint of the Exclusive instance

To create a custom certificate and a domain name for the MQTT endpoint, perform the following steps:

Note

The public endpoint and VPC endpoint use the same custom certificate.

In the upper-right corner of the Instance Details page of the Exclusive instance, click View Development Configurations.
In the Development Configurations panel, click MQTT. On the MQTT tab, click Configure in the Custom Certificate section.
In the Custom Certificate dialog box, set the Customize Configurations parameter to Enable.
Note
If the Customize Configurations parameter is already set to Enable, skip this step.
Specify the PEM-formatted content and key of a certificate that is obtained from a certificate authority (CA) and click OK.
Warning
If you want to update the certificate information after you specify the content and key of the certificate, certificate verification may fail. In this case, devices may fail to connect to IoT Platform or your business may be interrupted. Proceed with caution.
The Development Configurations panel displays a custom domain name that is parsed from the custom certificate. You can use the custom endpoint to connect devices to IoT Platform over MQTT.
Important
You must configure a CNAME record at the domain name provider to resolve the custom domain name to the default MQTT endpoint of the instance.