IoT Central administrator guide
An IoT Central application lets you monitor and manage millions of devices throughout their life cycle. This guide is for administrators who manage IoT Central applications.
In IoT Central, an administrator:
- Manages users and roles in the application.
- Creates and manages organizations.
- Manages security such as device authentication.
- Configures application settings.
- Upgrades applications.
- Exports and shares applications.
- Monitors application health.
Users and roles
IoT Central uses a role-based access control system to manage user permissions within an application. IoT Central has three built-in roles for administrators, solution builders, and operators. An administrator can create custom roles with specific sets of permissions. An administrator is responsible for adding users to an application and assigning them to roles.
To learn more, see Manage users and roles in your IoT Central application.
Organizations
Organizations let you define a hierarchy that you use to manage which users can see which devices in your IoT Central application. The user's role determines their permissions over the devices they see, and the experiences they can access.
To learn more, see Create an IoT Central organization.
Application security
Devices that connect to your IoT Central application typically use X.509 certificates or shared access signatures (SAS) as credentials. The administrator manages the group certificates or keys that the device credentials are derived from.
To learn more, see X.509 group enrollment, SAS group enrollment, and How to roll X.509 device certificates.
The administrator can also create and manage the API tokens that a client application uses to authenticate with your IoT Central application. Client applications use the REST API to interact with IoT Central.
For data exports, the administrator can configure managed identities to secure the connections to the export destinations. To learn more, see:
- Configure a managed identity (Azure portal)
- Configure a managed identity (REST API)
- Configure a managed identity (Azure CLI)
Configure an application
The administrator can configure the behavior and appearance of an IoT Central application. To learn more, see:
- Change application name and URL
- Customize the UI
- Move an application to a different pricing plans
- Configure file uploads
Export an application
An administrator can:
- Create a copy of an application if you just need a duplicate copy of your application. For example, you may need a duplicate copy for testing.
- Create an application template from an existing application if you plan to create multiple copies.
To learn more, see Create and use a custom application template .
Migrate to a new version
An administrator can migrate an application to a newer version. Currently, a newly created application is a V3 application. An administrator may need to migrate a V2 application to a V3 application.
To learn more, see Migrate your V2 IoT Central application to V3.
Monitor application health
An administrator can use IoT Central metrics to assess the health of connected devices and the health of running data exports.
To view the metrics, an administrator can use charts in the Azure portal, a REST API, or PowerShell or Azure CLI queries.
To learn more, see Monitor application health.
Monitor connected IoT Edge devices
To learn how to remotely monitor your IoT Edge fleet using Azure Monitor and built-in metrics integration, see Collect and transport metrics.
Tools
Many of the tools you use as an administrator are available in the Administration section of each IoT Central application. You can also use the following tools to complete some administrative tasks:
Next steps
Now that you've learned about how to administer your Azure IoT Central application, the suggested next step is to learn about Manage users and roles in Azure IoT Central.