Carriots Security - Communications

Note: in order to focus on the didactic side and maximize the compatibility with older devices, most of our tutorials are written using HTTP or MQTT over TCP. Anyway Carriots encourages developers to use encrypted communications in a production environement.

A very important aspect that Carriots takes very seriously is the security, reliability and integrity of communications between external devices or applications and Carriots.

HTTP vs HTTPS

Communication with Carriots REST API relies on HTTP protocol. We highly recommend to use the HTTPS version which creates a secure encrypted connection between your app / devices and Carriots.

Without HTTPS, any data passed is insecure. This is especially important for developments where sensitive data is passed across the connection.

Example: GET https://api.carriots.com/devices/

MQTT over TCP vs TLS

In Carriots you can use the MQTT protocol to send streams and exchange information with your devices.

MQTT relies on TCP as transport protocol, which means by default the connection does not use an encrypted communication. To encrypt the whole MQTT communication, most MQTT brokers allow to use TLS instead of plain TCP. TCP/IP port 1883 is reserved for use with MQTT and TCI/IP port 8883 is also reserved for use MQTT over TLS.

HOST PORT Description
mqttbroker.carriots.com 1883
mqttbroker.carriots.com 8883 (TLS)

For deeper information please read our MQTT documentation.

Protocols and Checksum

When using Carriots control panel, data integrity is granted by our panels logic. When REST API is used, checksum with HMAC can be useful to automatically check data integrity and re-authenticate each request.

Carriots has 3 protocols to be used between external devices or applications and Carriots. Using Carriots protocol version v3 the checksum token is generated by the sender and included in the stream "envelope".

For deeper information please read our Protocols and Checksum documentation.