AWS IoT Data Plane

Name: AWS IoT Data Plane API
Brand: AWS IoT Data Plane
Availability: InStock

★ Only Publicly Available SpecIOTDevice Managementhmac7 EndpointsREST

For Agents

Publish MQTT messages, read and update device shadow documents, and manage retained messages on AWS IoT Core to drive the runtime behaviour of connected devices.

Quickstart

Get started with AWS IoT Data Plane in minutes using your preferred integration method.

# Add to your MCP client config (Claude Desktop, Cursor, Windsurf)
{
  "jentic": {
    "url": "https://api.jentic.com/mcp",
    "auth": "oauth"
  }
}

# Then ask your agent:
"publish a message to an aws iot topic"

# → Jentic returns the GET /events tool with parameter schema, agent executes.

Capabilities

What an agent can do with AWS IoT Data Plane API.

Publish MQTT messages to a topic via HTTPS POST without holding an MQTT connection

Get and update the unnamed shadow document of a thing

Get and update named shadows for things that maintain multiple state documents

Delete a shadow when the device or feature is decommissioned

GET STARTED

Start building with AWS IoT Data Plane API

Explore with Jentic

View OpenAPI Spec

Use for: I need to publish a JSON command to the topic devices/sensor-42/cmd, Get the current shadow document for a thing named warehouse-fan-01, Update the desired state of a thing's shadow to set fanSpeed to 75, List all named shadows attached to a particular thing

Not supported: Does not handle thing registration, certificate management, or rule engine configuration — use for runtime MQTT publish, device shadows, and retained messages only.

Jentic publishes the only available OpenAPI specification for AWS IoT Data Plane, keeping it validated and agent-ready.

Jentic publishes the only available OpenAPI specification for AWS IoT Data Plane, keeping it validated and agent-ready. The IoT Data Plane API is the runtime surface for publishing MQTT messages, reading and updating device shadows, and managing retained messages on AWS IoT Core. It is a focused 7-endpoint API used by applications and backend services that interact with the live state of connected devices rather than configuring the IoT Core platform itself.

Use Cases

Patterns agents use AWS IoT Data Plane API for, with concrete tasks.

★ Backend-to-Device Command Dispatch

Send commands from a backend service to connected devices without maintaining an MQTT client. The Publish operation pushes a JSON payload to a topic over HTTPS using SigV4, and the device receives it via its existing MQTT subscription. This is the simplest pattern for occasional commands such as firmware update triggers or configuration nudges.

Call POST /topics/devices/fan-01/cmd with payload {"action":"setSpeed","value":75} and qos=1

Shadow-Based State Synchronisation

Use device shadows as the system of record for a thing's desired and reported state. Backends call UpdateThingShadow to set desired state, devices call UpdateThingShadow when their reported state changes, and either side can call GetThingShadow to read the current document. The API supports both unnamed and named shadows for things that need multiple feature-scoped state objects.

Call GET /things/warehouse-fan-01/shadow to read the current document, then PUT to the same path with payload {"state":{"desired":{"fanSpeed":50}}}

Retained Message Bootstrap

Use retained messages to give newly-connecting clients an immediate state snapshot. The broker stores the last retained message per topic; ListRetainedMessages and GetRetainedMessage let backend tools enumerate and inspect what is currently retained. This is useful for diagnosing why a fleet of devices is starting up with stale state.

Call GET /retainedMessage to list retained messages, then GET /retainedMessage/{topic} for any topic that needs inspection

AI Agent Device Operations

Through Jentic, an AI agent can act as a device operator — publishing commands, inspecting shadows, and updating desired state in response to natural-language instructions. The 7 IoT Data Plane operations are surfaced as discoverable Jentic tools so the agent picks the right one from intent.

Search Jentic for 'update aws iot device shadow', load the UpdateThingShadow schema, and execute with thingName and a state payload

Key Endpoints

7 endpoints — jentic publishes the only available openapi specification for aws iot data plane, keeping it validated and agent-ready.

METHOD

PATH

DESCRIPTION

POST

/topics/{topic}

Publish — publish a message to a topic over HTTPS

GET

/things/{thingName}/shadow

GetThingShadow — read a thing's unnamed or named shadow

POST

/things/{thingName}/shadow

UpdateThingShadow — update a thing's shadow document

DELETE

/things/{thingName}/shadow

DeleteThingShadow — delete a shadow

GET

/api/things/shadow/ListNamedShadowsForThing/{thingName}

ListNamedShadowsForThing — list named shadows on a thing

GET

/retainedMessage/{topic}

GetRetainedMessage — fetch a retained message for a topic

GET

/retainedMessage

ListRetainedMessages — list retained messages on the account

POST

/topics/{topic}

Publish — publish a message to a topic over HTTPS

GET

/things/{thingName}/shadow

GetThingShadow — read a thing's unnamed or named shadow

POST

/things/{thingName}/shadow

UpdateThingShadow — update a thing's shadow document

DELETE

/things/{thingName}/shadow

DeleteThingShadow — delete a shadow

GET

/api/things/shadow/ListNamedShadowsForThing/{thingName}

ListNamedShadowsForThing — list named shadows on a thing

Why though Jentic?

Three things that make agents converge on Jentic-routed access.

Credential isolation

AWS access keys for IoT Data Plane are stored encrypted in the Jentic vault. Agents never see the raw credentials — Jentic signs each Publish or shadow request with SigV4 server-side.

Intent-based discovery

Agents search Jentic with intents like 'publish to aws iot topic' or 'update device shadow' and get back the matching operation with its input schema.

Time to first call

Direct integration: 4-8 hours to wire up the AWS SDK, SigV4, and shadow document handling. Through Jentic: under 15 minutes.

Related APIs

Alternatives and complements available in the Jentic catalogue.

Complementary

AWS IoT Jobs Data Plane

Devices fetch and update job executions over the same kind of runtime endpoint

Use IoT Jobs Data Plane for the device-side job lifecycle; use IoT Data Plane for general MQTT publish and shadow operations.

Complementary

AWS Greengrass

Edge runtime that bridges devices to AWS IoT Core and the Data Plane API

Use Greengrass to deploy and configure edge runtimes; use IoT Data Plane to publish messages and update shadows from backend services.

Complementary

AWS IoT Events

State machines that consume telemetry published via the IoT Data Plane

Use IoT Events to react to telemetry with detector models; use IoT Data Plane to publish that telemetry from backends or read shadow state.

FAQs

Specific to using AWS IoT Data Plane API through Jentic.

Why is there no official OpenAPI spec for AWS IoT Data Plane?

AWS does not publish an OpenAPI specification. Jentic generates and maintains this spec so that AI agents and developers can call AWS IoT Data Plane via structured tooling. It is validated against the live API and kept up to date. Get started at https://app.jentic.com/sign-up.

What authentication does the AWS IoT Data Plane API use?

The API uses AWS Signature Version 4 (HMAC) request signing with an AWS access key ID and secret access key. The same endpoint also accepts client certificate authentication for devices, but the OpenAPI spec covers the SigV4 path used by backend applications.

Can I update a device shadow with the IoT Data Plane API?

Yes. Call POST /things/{thingName}/shadow with a JSON body containing a state object such as {"state":{"desired":{"fanSpeed":75}}}. For named shadows, append the ?name=shadow-name query parameter to target a specific named shadow.

What are the rate limits for the AWS IoT Data Plane API?

AWS applies per-account, per-region request quotas to IoT Data Plane operations and these vary by call. Publish has higher throughput than shadow updates. Check AWS Service Quotas for current limits and request increases if needed.

How do I publish a command to a topic through Jentic?

Search Jentic for 'publish to aws iot topic', load the Publish schema, and execute with the topic in the path and a payload body. Jentic signs the request with SigV4 so the agent does not handle AWS credentials directly.

What is the difference between this API and AWS IoT Core control plane?

This data-plane API operates on runtime state — publishing messages, reading and writing shadows, and managing retained messages. The IoT Core control plane manages things, certificates, policies, and rules. Use this API at runtime; use the control plane for configuration.