Onboarding Guide
This guide walks you through the information we need to connect your charging infrastructure to Pleevi's Smart OCPP Broker.
You can also download this guide as a PDF form to fill in and send back to us.
1. Current CPMS WebSocket URL
We need the WebSocket endpoint of your current Charge Point Management System (CPMS). This is the URL your charging stations currently connect to via OCPP. The Pleevi broker will proxy all OCPP messages through to this endpoint, ensuring full transparency with your existing platform.
| Field | Example |
|---|---|
| CPMS WebSocket URL | wss://cpms.example.com/ocpp |
Typically this is a wss:// (secure WebSocket) or ws:// URL provided by your CPMS vendor.
2. OCPP Security Profile & Credentials
OCPP 2.0.1 defines three security profiles with increasing levels of protection. Please indicate which profile is configured on your charging stations and provide the corresponding credentials and certificates.
| Field | Example |
|---|---|
| Security Profile in Use | Profile 2 (TLS + Basic Auth) |
| OCPP Version (optional) | OCPP 1.6J / OCPP 2.0.1 |
Only fill in the section that matches your profile. If you're unsure which profile or certificates are in use, let us know, we'll help you set this up. If possible, send us a screenshot of the OCPP configuration view of the charging station.
Profile 0, No Authentication (ws://)
The charging station connects to the CPMS over an unencrypted WebSocket without any authentication. There is no password and no TLS encryption. This is common on simple or older charging stations that rely on network-level security (e.g., a private APN or local network).
What we need:
| Field | Description |
|---|---|
| Internet access | Can the charging station reach the internet directly, or is it behind a firewall/NAT? |
Profile 1, Basic Authentication, Unsecured Transport (ws://)
Communication runs over an unencrypted WebSocket. The charging station authenticates to the CPMS using an HTTP Basic Auth password sent during the WebSocket upgrade. Because traffic is not encrypted, this profile is only suitable for trusted/private networks or when a VPN tunnel is in place. It is deprecated in most modern deployments.
What we need:
| Field | Description |
|---|---|
| VPN (if applicable) | If stations connect via VPN or the CPMS is behind a VPN, provide details on the setup. |
| Internet access | Can the charging station reach the internet directly, or is it behind a firewall/NAT? |
Profile 2, TLS with Basic Authentication (wss://)
Communication is encrypted using TLS 1.2 or higher. During the TLS handshake, the CPMS presents a server certificate which the charging station validates against a trusted CA root. After the secure channel is established, the station authenticates with an HTTP Basic Auth password. This profile protects against eavesdropping and man-in-the-middle attacks.
What we need:
| Field | Description |
|---|---|
| Custom CA Root Certificate | Do you use a custom CA Root Certificate? If not sure, indicate so. |
| VPN (if applicable) | If stations connect via VPN or the CPMS is behind a VPN, provide details on the setup. |
| Internet access | Can the charging station reach the internet directly, or is it behind a firewall/NAT? |
Profile 3, Mutual TLS / Client-Side Certificates (wss://)
The highest security level. Both the CPMS and the charging station exchange and verify TLS certificates (mutual TLS / mTLS). This eliminates password-based authentication entirely. Each station holds a unique client certificate that acts as its identity. Provides message integrity and non-repudiation.
Due to the complexity of mutual TLS configuration, we will schedule a dedicated onboarding meeting to walk through the certificate setup together. Please reach out to your Pleevi contact or email support@pleevi.ai to arrange this.
3. Driver List
Please provide a CSV file containing the drivers that should be authorized through the Smart OCPP Broker. Each driver should have an email address and one or more badge IDs (RFID tokens).
This list is required for identifying the user in the broker. If authorization is handled by the CPMS, the CPMS will remain in charge of authentication.
Expected CSV Format
email,badge_ids
john.doe@example.com,"BADGE001,BADGE002"
jane.smith@example.com,BADGE003
- File format: UTF-8 encoded CSV with headers
emailandbadge_ids. - Multiple badge IDs for a single driver can be separated by commas within the same field.
- Send the file as an attachment alongside the completed onboarding form.
4. What Happens Next?
After receiving and processing the information above, we will:
- Provision your environment in the Pleevi platform.
- Provide you with a new WebSocket URL to configure on your charging stations.
This new URL should be configured on your charging stations in place of the current CPMS WebSocket URL. All OCPP communication will then flow through the Pleevi Smart OCPP Broker, which proxies messages to your original CPMS.
Your existing CPMS will continue to receive all OCPP messages as before, no changes are needed on the CPMS side.
Questions?
Reach out to your Pleevi contact or email us at support@pleevi.ai.