This recipe, starts with create a Device simulator and connecting it by AMQP protocol to the IoT Hub. By default, all telemetry data goes in /devices/{0}/messages/events, and a shared access signature is generated using the device explorer tool.

To make this connectivity, we need to use the claim-based security token. Post that, we have created a sender link which sends all messages device-to-cloud.

In the latter part, we configured the receiver link to accept the command. We can even reject these using Reject() in a required scenario.

Using the device explorer tool, we can only view the communication and send a command back to the AMQP client that we have created. This will print it on the console. In the real world, we will process the command once it is accepted at the client side, which is an IoT device.

For more details on authentication and authorization using CBS, refer to the following link:

https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas