After reading through the documentation, I get to this question in the title.
As far as I concluded, there are two ways to change shadow via cloud:
- using REST API and API_KEY (then REST route has the target device identifier)
- using REST API and DEVICE PUBLIC KEY (the REST route doesn’t have the target device identifier, I guess it is derived from the key). In this case, the specified ACL rules applies, allowing fine grade control over the shadow.
The latter approach is convenient as it is sufficient to distribute the DEVICE PUBLIC KEY for such control.
But I didn’t find a similar approach for the RPC invocation. I found only the REST API with the API KEY.
It would be convenient to be able to invoke RPC using the DEVICE PUBLIC KEY without knowing the actual device name, since in that case the only credential required for a PWA would be the DEVICE PUBLIC KEY.
My question is - is there such a mechanism to invoke RPC using DEVICE PUBLIC KEY?