# Overview
Devices connecting to the ABB Ability™ Platform must be enrolled into the Platform through the Device Provisioning Service (DPS). It is a global service provided by Microsoft that functions as a gatekeeper to authenticate and control the endpoints allowed to transact with the ABB Ability™ Platform. DPS allows us to authenticate devices and ensure that they are routed to the correct IoT Hub to send telemetry information.
# Provisioning
Provisioning is the process of preparing a device to work with the ABB Ability™ Platform. This means that the device:
- has the correct identity (device Id registered in GIG and certificate from ABB PKI)
- was registered in the Principal Manager with this identity
- has a DPS endpoint and DPS Scope Id
The device (whether it's an Edge or Directly Connected Device) contacts the Certificate Manager to receive or confirm its identity
(certificate through the MPKI and device Id using the GiG service). Then, the device
contacts the DPS endpoint, which calls the Principal Manager in order to establish an authorization scope for the device and
registers it with the IoT Hub. As a last step, DPS returns information to the device on how
it can connect to IoT Hub, which allows the device to connect to it and start sending data (shown as solid lines on the diagram).
# What problem is solved by DPS?
The Device Provisioning Service helps to configure devices automatically when connecting to the cloud for the first time. From the user's point of view, it means that the device is connected to the IoT Hub. Details of the process are described here.
# How to use DPS?
# Edge Device
The Device Provisioning Service is designed to work in the background without the need for any user interaction. In most cases, everything is taken care of by the Ability Edge Framework. See this section on how to register your device with DPS for further details.
# Directly Connected Devices
The process for Directly Connected Devices is the same as for Edge, but there is no component to do that out of the box.
The process of connecting a device to the IoT Hub is described here. Since each instance of the ABB Ability™ Platform has an already created infrastructure (including DPS), existing parameters such as the DPS Scope Id should be used.
Instance-agnostic devices
Each device should be instance-agnostic: devices should connect to DPS every time they boot to retrieve the IoT Hub URL. Devices may not be assigned to the same IoT Hub if its limits are hit (max amount of devices for IoT Hub). Thanks to this approach, devices do not need to store Ability Platform Ids, and they are always connected to the correct IoT Hub. DPS allows defining custom allocation policies, which gives the user more control over the process of assigning a device to an IoT Hub. This is done with Azure Functions that use information about the device and enrollment and return information to the IoT Hub, how to provision the device. For more details, please check this link.
# DPS URLs and Ids
Detailed information regarding the Device Provisioning Service (such as its ScopeId) will be given to you by the Operations Team when your Platform instance gets deployed for you. See this article to find out more about all the identifying characteristics of the Platform.