Connecting a headless IoT device (such as an ESP32 microcontroller) to a local Wi-Fi access point remains a challenging UX problem. A common solution is Wi-Fi Provisioning: using a companion mobile application (written in Flutter) to securely transmit Wi-Fi SSID and Password credentials to the ESP32.
Provisioning Handshake Workflow
The provisioning protocol can be executed either over BLE or via a temporary Wi-Fi SoftAP hosted by the ESP32. The process follows a clear state machine:
- Discovery: The Flutter mobile app scans for the ESP32 (advertising as a BLE peripheral or SoftAP).
- Handshake: App establishes a secure session (optionally exchanging DH key pairs for session encryption).
- Transmission: App sends credentials formatted in a compact JSON payload.
- Verification: ESP32 attempts connection to the local AP, and reports back status to the app.
SSID & Password Payload Exchange
{
"cmd": "prov_connect",
"ssid": "Home_WiFi_2.4G",
"pass": "SecureWiFiPassword123",
"device_name": "Embeddronics-Node-08"
}
Once connection is confirmed, the ESP32 saves the credentials in Non-Volatile Storage (NVS) flash, disables its SoftAP or BLE advertising, and starts normal MQTT telemetry transmission.
Open-Source Repository
Access the complete Flutter code and ESP32 provisioning firmware on GitHub: esp32wifiapp.
Need help with ESP32 Wi-Fi provisioning and Flutter IoT apps? Contact our engineering team.