Edge Device Security Claims Example
The example below illustrates how security claims can be added to an edge device and submitted to the ThingWorx Platform.
This example does the following:
Defines the target ThingWorx Platform to which the security claims are sent.
Defines an API Client for the edge device, setting both security claims and the target platform.
Illustrates how the security claims are processed by providing several sets of invalid claims, and one set of valid security claims.
import com.thingworx.communications.client.APIClient;
import com.thingworx.communications.client.ClientConfigurator;
import com.thingworx.communications.common.SecurityClaims;

public class TestCustomAuth {

private static final String THINGWORX_URI = "wss://${some.thingworx.

public static void main(String[] args) throws Exception {
//create and configure a simple APIClient. This code requires the
//client SDK to function
ClientConfigurator clientConfiguration = new ClientConfigurator();
SecurityClaims claims = new SecurityClaims();
APIClient client = new APIClient(clientConfiguration);

//add claims that are not correct to the claims. This will result in
//a connection failure because the special key "secretTokenKey" was
//not supplied in the claims - even though the value supplied is the
//one we expect to work
claims.addClaim("thisIsNotTheCorrectSecretKey", "MySecretKey");
claims.addClaim("whoTheySaidTheyWere", "Administrator");

//now use the correct secret key token, but supply an invalid value
//and expect the client to still not connect
claims.addClaim("secretTokenKey", "correct key name - wrong value");
claims.addClaim("whoTheySaidTheyWere", "Administrator");

//supply the correct secret key, and the correct token, but a user
//that does not exist in the thingworx platform
claims.addClaim("secretTokenKey", "MySecretKey");
claims.addClaim("whoTheySaidTheyWere", "AdministratorDoesNotExist");

//supply the correct secret key, and the correct token, AND a user
//that exists. This time we expect to be connected using our custom
//edge authenticator
claims.addClaim("secretTokenKey", "MySecretKey");
claims.addClaim("whoTheySaidTheyWere", "Administrator");

private static void tryToConnect(APIClient client) throws Exception {
long waitUntil = System.currentTimeMillis() + 5000; //the time 5
//seconds in the future

//this method will simply try to connect over and over again
//if needed
while(!client.isConnected() && System.currentTimeMillis() <=
waitUntil) {
client.connect(); //try to connect and then sleep a bit waiting
// for it to succeed


private static void outputIfConnected(APIClient client) {
if(client.isConnected()) {
System.err.println("Congratulations! You ARE connected and you
used your custom edge authenticator");
} else {
System.err.println("NOT CONNECTED");
Was this helpful?