Page tree
Skip to end of metadata
Go to start of metadata


Network server users can use external an Join Server to authenticate OTAA Join requests.

Extract from the Join Server response (called AppSKey answer) can be forwarded by the network server to the application server, including the encrypted newly generated AppSKey.


{
    cmd      : 'AppSKeyAns';   // akways "AppSKeyAns" = AppSKey Answer
    ProtocolVersion : string;  // version of the protocol used
    DevEUI   : string;         // device EUI, 16 hex digits (without dashes)
    Result   : {
      ResultCode  : string;    // result of the join response
      Description?: string;    // details of the response code (optional)
    },
    AppSKey? : {			   // only present if ResultCode == "Success"
      KEKLabel    : string;    // key wrap algorithm identifier
      AESKey      : string;    // encrypted AES
    },
    SessionKeyId   : string;   // Identifier of the key session
}
                


Example message

{
    "cmd"               : "AppSKeyAns",
    "ProtocolVersion"   : "1.0",
    "DevEUI"            : "0102030405060708",
    "Result"            : {
      "ResultCode"  : "Success",
      "Description" : "The join request has been accepted"
    },
    "AppSKey"           : {
      "KEKLabel"    : "id-aes128-wrap",
      "AESKey"      : "1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5"
    },
    "SessionKeyID"      : "00000001"
}
                


ParameterTypeDescription
cmdstringidentifies type of message, always 'AppSKeyAns' for AppSKey answer
ProtocolVersionstringversion of the protocol
DevEUIstringdevice EUI, 16 hex digits (without dashes)
Result.ResultCodestring"Success" on success, error string otherwise
Result.DescriptionstringDetailed information related to the ResultCode (optional)
AppSKey.KEKLabelstringidentifier of the key wrapping algorithm
AppSKey.AESKeystringencrypted AES key
SessionKeyIdstringIdentifier of the key session id (join session id)





  • No labels