403 error when accessing API

snoopbuild · June 19, 2013, 12:54am

Can someone tell me how to get API access from an external web service? All I’m trying to do is flip on a switch, but I am getting a 403 ”AccessDenied, You are not authorized to perform the requested operation.” message.

This is what I’ve done, but I’m not sure if I’m missing something:

created SmartApp using ”Sample Web Services Application” from ST
installed/configured SmartApp using iOS app, allowing access to my switch
using Fiddler HTTP Proxy (for testing), I’m sending an HTTP PUT to https://graph.api.smartthings.com/api/smartapps/installations/{smart_app_id}/switches/{switch_id}.
I’m certain I have the correct smart_app_id and switch_id, as I can see them via API.

HTTP Headers contain:
Content-Type: application-json
Authorization: Basic {my_base_64_encoded username:password}

HTTP Body contains:
{command: on}

However, I get the 403. I can perform other API calls, and they work OK.

Can developers use an API via web service like this to control their things?

dlieberman · June 19, 2013, 12:50pm

@snoopbuild - We’re still working to finish up the documentation and tutorials for how to expose web service endpoints from SmartApps. The draft documentation is available here:

but there are still a couple of sections missing. The main things that are missing are the discovery of your endpoints once the SmartApp is installed:

HTTP Header:
Authorization: Bearer [your OAuth2 token]

HTTP GET: https://graph.api.smartthings.com/api/smartapps/endpoints

Which should return something that looks like:

200 OK
[
  {
	"oauthClient": {
  	"clientId": "myclient",
  	"authorizedGrantTypes": "authorization_code"
	},
	"url": "/api/smartapps/installations/8a2aa0cd3df1a718013df1ca2e3f000c"
  }
]

And making calls to your SmartApp:

Headers:
Authorization: Bearer [your OAuth2 token]

HTTP GET: http://graph.api.smartthings.com/api/smartapps/installations/8a2aa0cd3df1a718013df1ca2e3f000c/switches

Will return a list of switches, and

Headers:
Content-Type:  application/json
Authorization:  Bearer [your OAuth2 token]

PUT /api/smartapps/installations/8a2aa0cd3df1a718013df1ca2e3f000c/switches/8a818a9b39c0de7f0139c0dff1290073

Request body:
{“command”: “on”}

Will send the on command to a specific switch. I hope that’s helpful, and we should have the documentation completed and tutorials posted soon.

mdementen · September 6, 2013, 3:27am

Hello Dan,

I followed the unfinished doc mentioned above by snoopbuild, mapped some api functions into my app. I successfully got an access token, retrieved my endpoint url but when I try to retrieve my switches list trough my endpoint url I’m getting an

HTTP/1.1 500 Internal Server Error.

Any help would be greatly appreciated.

Thx

mdementen · September 7, 2013, 1:36am

OK after further research I found out that there was a problem in my web service app.

Topic		Replies	Views
SmartApp WebServices doesnt ask for authorization of switches? Writing SmartApps	0	518	March 15, 2017
How to use API Token in URL Writing SmartApps	1	1206	March 16, 2019
Missing API? General Discussion archive_developers	13	2464	April 24, 2016
Web Services - Invalid Token Writing SmartApps webservices	5	2180	April 25, 2018
HTTP API help General Discussion archive_developers	1	937	April 30, 2014

403 error when accessing API

Related topics