If you are having issues with the exercises, please create a ticket on DevZone:
Click or drag files to this area to upload. You can upload up to 2 files.

Wi-Fi Provisioning

Wi-Fi provisioning is the process of connecting a new Wi-Fi device to a Wi-Fi network. The provisioning process involves providing the device with the network name (SSID) and its security credentials.

Having a simple provisioning process is imperative to the user experience of a Wi-Fi device. There are many ways to provision a Wi-Fi device based on what kind of security you need, and we will go through a few of them here.

The nRF Connect SDK provides the Wi-Fi credentials library to load and store Wi-Fi network credentials.

Static Wi-Fi configuration

The most straightforward way to provision a Wi-Fi device is to provide the necessary information statically in the application, before flashing it to the device. We will take a look at how to do this in Exercise 2 of this lesson.

To do this, we enable the following Kconfigs

You can also choose the Wi-Fi network security type:

Static provisioning is not recommended in deployed products since the end-consumer will likely want to input the network information for their specific Wi-Fi network.

Provisioning over shell

Another way to provision the Wi-Fi device is to provide the credentials via a shell interface and then store the credentials in flash. To enable shell commands in the application, enable the following Kconfigs

Using shell commands, issue the following command to add the Wi-Fi credentials and then initiate a connection to Wi-Fi

You can replace WPA2-PSK with the security protocol used by your AP, supported arguments are {OPEN, WPA2-PSK, WPA2-PSK-SHA256, WPA3-SAE}.

Provisioning over Bluetooth LE

Another secure method is to provide the network information over another protocol, such as Bluetooth LE. When provisioning a Wi-Fi device over Bluetooth LE, one uses a third Bluetooth LE enabled device, typically a smart phone, to connect to the Wi-Fi device over Bluetooth LE and provide the network credentials. The end-device can then connect to the AP and join the Wi-Fi network with the provided network credentials. We will take a closer look at how to do this in Exercise 3.

To do this, the nRF Connect SDK provides the Wi-Fi Provisioning Service, which implements a GATT service for Wi-Fi provisioning. This service also uses the Wi-Fi credentials library to handle and store the configuration during provisioning

Storing the credentials

The Wi-Fi credentials library provides two different backend options for credential storage, either using the Zephyr Settings subsystem (CONFIG_WIFI_CREDENTIALS_BACKEND_SETTINGS) or PSA Protected Storage (CONFIG_WIFI_CREDENTIALS_BACKEND_PSA).

The PSA backend is part of the Trusted Firmware-M, which is included as a child image in your application when building for the non-secure build-target. This is explained in detail in Multi-Image Builds in nRF Connect SDK Fundamentals course.

We will cover how to enable both of these backends in Exercise 2 of this lesson. The following exercises will only support building with TF-M and PSA backend, as this is the most secure option.

When using this backend, you must build the application with TF-M, using the build targets below:

BoardBuild with TF-M
nRF7002 DKnrf7002dk_nrf5340_cpuapp_ns
nRF5340 DK with nRF7002 EKnrf5340dk_nrf5340_cpuapp_ns
Register an account
Already have an account? Log in
(All fields are required unless specified optional)

  • 8 or more characters
  • Upper and lower case letters
  • At least one number or special character

Forgot your password?
Enter the email associated with your account, and we will send you a link to reset your password.