Identity File

The identity file is an optional file that takes priority over the configuration file if a field is present in both files. In order to use an identity file, the identity_path field in the configuration file must be populated, and its value shall be the absolute path to the identity file on the device. It’s recommended to use the identity file, as opposed to the configuration file, to persist device-unique credentials.

A number of fields in TUC’s configuration file can be overridden with the identity file. This can allow you to use a single configuration file across multiple projects. See the configuration file for more information.

Example identity file configuration:

{
    "device_enrollment_token": "[REDACTED]",
    "name": "identity_override",
    "device_id": "[REDACTED]",
    "device_token": "[REDACTED]",
    "device_certificate_pem": "[REDACTED]",
    "device_private_key_pem": "[REDACTED]"
}

Provisioning

The Thistle Release Helper can be used to provision identity files for your fleet of devices:

$ ./trh identity --device-name "tutorial" --pre-enroll
Identity file generated at path "./identity.json"

$ cat identity.json
{
    "name": "tutorial",
    "device_id": "[REDACTED]",
    "device_token": "[REDACTED]"
}