Maybe there’s a misunderstanding, potentially of the term “provisioning”.
“Provisioning” as in “providing the devices with an identity” is a solved problem for us.
Our devices are provided with individual x509 client certs used to connect and identify themselves towards the MQTT broker (and restricted to their topics).
What we’re looking for is a way of associating the devices (speak: associate the x509 identities) with an online account each, where the owner/operator of the device can eventually log in to and e.g. see a dashboard of values aggregated from values gathered from the device via MQTT and/or triggering commands conveyed via MQTT and eventually executed by the device (e.g. “update”).
This online account would need to be created, obviously, and we’re looking for a way to do it as smooth for the user / operator of our devices as possible - e.g. by a QR code printed on the the device, containing an URL, which points to a form which, after just some values to enter, creates an account and associates it with the device.
As MQTT broker we use mosquitto, which does a nice job in restricting devices to their MQTT topics according to their x509 attributes.
In that way OpenRemote would act as web<->mqtt gateway, being an MQTT client which is subscribed to all topics (=all devices), and respectively publishes on / reacts to certain messages on the MQTT bus.
Is this something OpenRemote could be the solution for? - After my research I can’t confirm nor deny it 100% 