Hi Alessanddro,
Great that you managed to have your device sending messages to IoT Hub and as I understood, you also created a service what can receive and process these messages from IoT Hub. This is also the explanation why at least two connection strings come into the game:
- one connection string for each IoT device out in the wild and potentially exposed to hackers.
- one or more connection strings for your (trustworthy?) consuming backend service(s)
To allow separation of the different areas and provide access control (a device usually should only send and receive data but not alter the device registry or read other messages), you should not use one connection string to connect a device and use the same for your backend service to consume the messages. To learn more about the other access control options to IoT Hub you can look athttps://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-security and for security by design https://docs.microsoft.com/en-us/azure/iot-fundamentals/security-recommendations
To your second question on how to connect your device with Paho or any other MQTT client to IoT Hub, I recommend reading https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-mqtt-support This doc article contains even a python snippet showing how to connect a device. You just need to add the code to subscribe for receiving Cloud2Device Messages from IoT Hub as described further down in the doc. I still would highly recommend using the Azure IoT Device SDK as it already solves typical base functionality and is regularly updated for new features, bugs, and security-related fixes.
Your use case sounds interesting, and I do not see why this should not be possible with IoT Hub. You are right, IoT Hub is no full MQTT broker and does not provide subscriptions to read only a particular device, although if required, you can filter in IoT Hub on a specific device id or other message properties and even on the payload to route traffic into a specific processing pipeline. https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-messages-d2c
Best regards
Christian