How do I make a GATT server connect to a specific clients(without pairing mechanism)?

Hi.

If you are referring to estimote beacons? These are iBeacons, which just broadcasts a set message out in the area around them. The smartphone app does not connect to the beacons, it just scans them and read the information they broadcast.

A BLE peripheral cannot choose which central is allowed to connect. The only exception is with whitelisting, where the peripheral has stored information about a previously bonded device. It will then only allow connections from that device.

If you tell me more about what you want to make, i might be able to provide more specific tips. How are you planning to do authentication over web to a BLE device?

-Anders

Hi.

If you are referring to estimote beacons? These are iBeacons, which just broadcasts a set message out in the area around them. The smartphone app does not connect to the beacons, it just scans them and read the information they broadcast.

A BLE peripheral cannot choose which central is allowed to connect. The only exception is with whitelisting, where the peripheral has stored information about a previously bonded device. It will then only allow connections from that device.

If you tell me more about what you want to make, i might be able to provide more specific tips. How are you planning to do authentication over web to a BLE device?

-Anders

Hi Anders, thanks for the response. Our end user device will be a small BLE device based on nRF51822. Now, we want the customer to connect to the end BLE device with an app provided by us only if he registered it on web with the given key. The BLE end device will not have any display or keyboard to do the canonical BLE pairing. We don't want any other central app/device to connect(or even see if possible) to our end devices. What are the ways we can do that?

"The smartphone app does not connect to the beacons, it just scans them and read the information they broadcast." If connecting means using the GATT service, then, I think the Estimote app does connect(logged in as the owner user of the device via internet) to the Estimote device after the device is registered. And it doesn't let other apps(namely, Nordic MCP) to connect to it/use the GATT service. Also, you might be aware that Estimote uses nRF51822. So, I guess, what they are doing is doable with nRF51 SDK too.

I am not sure how Estimote does it. But as i said, there is no way (other than whitelist) that a peripheral can deny a connection. What you can do, is do authentication after the connection, and disconnect if the authentication fails. The challenge will probably be for the BLE device to know if the app is registered online. You can use some calculated key sequence based on an ID or something. You are probably right about the estimotes being connectible, because you can configure them. I thought they were pre-configured beacons.

Say, for example, after connecting to any GATT client, it goes here. I have a key hardcoded on the BLE device, which the app will only know downloading from internet after secure login. How do I prompt the app to send the key so that, the device can keep or drop the connection based on it?

You can set up a pairing with a static passkey. This key will be constricted to 6 digits. Alternatively you can do this authentication through a GATT service. Then you can implement a more complex algorithm or scheme. (Btw, most peripheral devices are GATT servers, your phone will most likely be the GATT client).