LoRa Basics™ Modems: Walk-through

LoRa Cloud™ Services

To begin, go to the LoRa Cloud™ portal and register for an account.

LoRa Cloud™ Device Join Service

The LoRa Cloud Device Join service allows you to claim pre-provisioned LoRa®-based modem devices. If you want to move your devices to another join server after they have been claimed, you can extract the AppKey or re-key the end node.


All Semtech modem modules come with default keys registered on the join server. However, Semtech LoRa Basics™ for End Nodes devices cannot be used with the Device Join service. If you are using a modem based on LoRa Basics™ for End Nodes, you can skip this chapter.

Create an Application Owner and Use Free Allowance

To begin, create an application owner. By creating different application owners, you can segregate permissions and parameters for groups of devices. To create an application owner, go to the Device Join page. Next, take the following steps:


  2. Enter a name for the application owner


  4. Under Free Allowance click ASSIGN

  5. Click OK in the confirmation window

Video walk-through: Creating an Application Owner


The free allowance will allow you to freely claim 100 devices during a year.

Using LoRa Cloud Device Join

There are two ways to use the LoRa Cloud Device Join service, depending on whether or not your LoRaWAN® Network Server (LNS) is in the list of recognized network servers

JS compatible network servers

Figure 1: Network servers compatible with LoRa Cloud Device Join

  • If your LNS is listed, it is linked to the LoRa Cloud join server. In this case, all you need to do is claim the device and the keys will be securely exchanged between the LNS and the join server.

  • If your LNS is not listed, there is no connection between the LoRa Cloud join server and the network server. You will need to claim the modem and then export the AppKey from the join server to be able to register the device with your LNS. In this case, there is no communication between the LNS and the join server. The key exchange is only between the network server and the device.

JS scenarios

Figure 2: Device Join Scenarios


The JoinEUI is used to route join requests to the Device Join server

Over-the-Air Activation with LoRa Cloud Device Join

When joining a device to a network using Over-the-Air Activation (OTAA) you only need to claim the device.


By default all LoRa Network Servers are allowed to forward join requests. If one more LNS are selected in the Network Server page all the unselected LNS are blacklisted.

Exporting the AppKey

Once you have claimed the device follow these steps to export device’s AppKey:

Device Join export AppKey

Figure 3: Device Join export AppKey

  1. Check the devices you want to export

  2. Click EXPORT DEVICE KEYS to download the CSV file


The line separator used in the CSV file is \n only (Linux format)

Claiming a Device

Claiming a device is the process of proving to the join server that the claimant owns the device. This process relies on a unique code derived from internal data, called a PIN.

To claim a device, you must get the DevEUI, ChipEUI, JoinEUI and PIN from the modem (see your modem page), and then go to the Device Join page.


  2. In the EUI field, enter the DevEUI

  3. In the PIN field, enter the PIN


Video walk-through: Claiming a device


The ChipEUI and JoinEUI are only required if the DevEUI or the JoinEUI have been changed.

Device & Application Services

The LoRa Cloud™ Device & Application Services provide a full set of lifecycle management features for LoRa®-based devices operating on a LoRaWAN® network. These features include but are not limited to:

  • Comprehensive device telemetry

  • Device and application configuration

  • Clock synchronization

  • Advanced data transport services with robustness against packet loss and transparent data fragmentation (buffer streaming and file upload).

The purpose of these services is to dramatically simplify the process of developing managed endpoint solutions and to make LoRa-based devices more accessible to application developers.

All Device & Application Services frames are sent at the application level. This means that the Device & Application Services server does not need to know the device’s security keys because your Application Server will forward decrypted data.


A token is required for the application server to authenticate calls to the Devices & Application Services server. Before creating a token, you need to first, create an owner. You only need to do this once. After an owner is created, you can start adding tokens:

Video walk-through: Creating a token

  1. Click ADD NEW TOKEN

  2. Give the token a name

  3. Select permissions for the owner:

    • List/Read Device State

    • Add/Delete Devices

    • Deliver Uplinks

    • Issue Device Requests

  4. To save the token, click the ADD NEW TOKEN button.

Device & Application Services URL

The Device & Application Services URL depends on the region in which the device will be deployed. The API URL is displayed at the top of the Manage Tokens page:


Devices & Application Services URL

Device Registration

When data is received from a device, it is automatically registered with the Device & Application Services server. This means that the device does not need to be registered beforehand.