Hey Alice,
We used the DPS (Device Provisioning Service) together with the IoT Hub's enrollment groups. The device runs a small bootstrap script that calls the DPS endpoint with its derived symmetric key. Once provisioned, you can push your configuration via the Desired Properties of the device twin.
Here's a quick snippet for the bootstrap script:
```powershell
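# Install the Azure IoT device and provisioning SDK packages
Install-Package -Name Microsoft.Azure.Devices.Client -Force
Install-Package -Name Microsoft.Azure.Devices.Provisioning.Client -Force
Install-Package -Name Microsoft.Azure.Devices.Provisioning.Transport.Mqtt -Force
# The installed assemblies must be loaded with Add-Type before the types below resolve
# Load credentials (read the PFX password from a protected store rather than a literal)
$certPath = "C:\Provisioning\deviceCert.pfx"
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath, "password")
# Connect to DPS: Create() takes a security provider and a transport handler
$security = New-Object Microsoft.Azure.Devices.Shared.SecurityProviderX509Certificate($cert)
$transport = [Microsoft.Azure.Devices.Provisioning.Client.Transport.ProvisioningTransportHandlerMqtt]::new()
$provisioning = [Microsoft.Azure.Devices.Provisioning.Client.ProvisioningDeviceClient]::Create("global.azure-devices-provisioning.net", "0ne0000A1B", $security, $transport)
$registrationResult = $provisioning.RegisterAsync().GetAwaiter().GetResult()
if ($registrationResult.Status -eq "Assigned") {
    Write-Host "Provisioned to IoT Hub:" $registrationResult.AssignedHub
    # Continue with device client...
}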
```
Make sure the device has internet access at first boot, and store the enrollment group key securely. This way you don't need to embed any secrets directly on the device.
Hope this helps!
Let me know if you need more details.
Best,
Bob
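
The derived symmetric key mentioned in the message, as an added example that is not part of Bob's message or of the Azure SDK: with DPS enrollment groups, each device key is the Base64 HMAC-SHA256 of the device's registration ID, keyed with the Base64-decoded group key. The function name, the sample group key and the device IDs are constructed for illustration, and the registration ID check reflects the documented DPS naming rules as an assumption.

```powershell
# Added example: derive per-device DPS keys from an enrollment group key.
# Intended for a provisioning workstation, so the group key never lands on a device.
function Get-DerivedDeviceKey {
    param(
        [Parameter(Mandatory)] [string] $GroupKeyBase64,   # enrollment group key (Base64)
        [Parameter(Mandatory)] [string] $RegistrationId    # per-device registration ID
    )
    # Assumption: lowercase alphanumerics plus - . _ : (max 128), ending in alphanumeric or dash.
    # A case mismatch here would yield a key that DPS rejects, so fail early.
    if ($RegistrationId -cnotmatch '^[a-z0-9\-._:]{0,127}[a-z0-9\-]$') {
        throw "Invalid registration ID: '$RegistrationId'"
    }
    $keyBytes = [Convert]::FromBase64String($GroupKeyBase64)
    $hmac = [System.Security.Cryptography.HMACSHA256]::new($keyBytes)
    try {
        $mac = $hmac.ComputeHash([Text.Encoding]::UTF8.GetBytes($RegistrationId))
        return [Convert]::ToBase64String($mac)
    }
    finally {
        $hmac.Dispose()
        [Array]::Clear($keyBytes, 0, $keyBytes.Length)   # do not leave the group key in memory
    }
}

# Constructed sample group key (64 fixed bytes); a real one comes from the DPS enrollment group.
$sampleGroupKey = [Convert]::ToBase64String([byte[]](1..64))

# Constructed device IDs: each device gets its own key, so one leaked key exposes one device.
$keys = @{}
foreach ($id in 'sensor-0001', 'sensor-0002') {
    $keys[$id] = Get-DerivedDeviceKey -GroupKeyBase64 $sampleGroupKey -RegistrationId $id
    Write-Host "$id -> $($keys[$id])"
}
if ($keys['sensor-0001'] -eq $keys['sensor-0002']) { throw "Derived keys must differ per device" }

# An uppercase ID is rejected instead of silently producing a mismatched key.
try { Get-DerivedDeviceKey -GroupKeyBase64 $sampleGroupKey -RegistrationId 'Sensor-0003' }
catch { Write-Host "Rejected: $($_.Exception.Message)" }
```

On the device, only the registration ID and its derived key are needed; the SDK's `SecurityProviderSymmetricKey` takes both.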