跳到主要内容

What is challenge-response based user-node mapping? Why is it recommended?

Challenge-response is a user-node mapping method that uses cryptographic challenge-response instead of shared secrets. During provisioning, the cloud sends a challenge to the phone app, which relays it to the device over BLE. The device signs the challenge with its credentials and returns the response; the app forwards it to the cloud for verification. Mapping completes before Wi-Fi credentials are sent—so the node is added to the user's account even before it connects to the network.

Why it is recommended:

  • More secure — No shared secret is exchanged; the device proves ownership cryptographically.
  • More reliable — Mapping does not depend on MQTT; the node does not need network connectivity.
  • Early mapping — The user sees the device in their account as soon as provisioning starts.
  • Simpler flow — No node-to-cloud MQTT step during mapping.

Enable via CONFIG_ESP_RMAKER_ENABLE_CHALLENGE_RESPONSE=y in menuconfig (enabled by default on most platforms). Requires ESP RainMaker iOS app v3.4.0+ or Android app v3.7.0+. The node must be claimed first. For details, see User-Node Mapping.