Setup

Deploy the platform to your Cloudflare account, then gate it with Cloudflare Access.

Deploy to Cloudflare

1. Cloudflare Access

  1. Cloudflare Dashboard → Zero TrustAccessApplicationsAdd an application.
  2. Type: Self-hosted. Domain: your worker hostname (e.g. nodrix.workers.dev).
  3. Add a policy: e.g. Emails ending in @your-domain.com.
  4. Copy the Application Audience (AUD) tag and your team domain.
  5. Set the worker's env vars: CF_ACCESS_TEAM_DOMAIN and CF_ACCESS_AUD.
  6. Visit the worker URL — first login provisions you as the owner and creates a default project.

2. Register a device

In the admin UI → DevicesCreate. The token is shown once — copy it into your device firmware now.

3. Device protocol

Three HTTPS endpoints. Auth: Authorization: Bearer <device_token>. 

POST /v1/telemetry
{ "ts": 1715900000, "metrics": { "temperature": 23.4, "humidity": 61 } }
→ 204 No Content

GET /v1/commands
→ { "commands": [ { "id": "cmd_x", "name": "relay", "value": "on" } ] }

POST /v1/commands/ack
{ "ids": ["cmd_x"] }
→ { "acked": 1 }

4. Read API

For external apps. Mint a token in the admin UI → API tokens. Auth: Authorization: Bearer <user_token>. 

GET /v1/projects/:proj/devices
GET /v1/projects/:proj/devices/:id/state          (edge-cached, ~1s)
GET /v1/projects/:proj/devices/:id/series?metric=temperature&window=1h