We are having an issue connecting to the URL returned by the Subscription API.
We use the AUTH token and send a request to a Subscription API, which returns a structure with a URL in it when we try to connect to that URL we get a Forbidden (403).
We started seeing this issue since yesterday. Is there a change on the API side that might have caused this issue ?
This error could appear due to the token type and scopes, or the InstalledAppId used to create the subscription.
If you are using an API access app, make sure you are requesting the subscription creation using the InstalledAppId granted with the Access Token. Here is an example of the response from the Oauth/token endpoint:
I am having the exact same issue. Like the others, my code had been running fine for me for over a year so something recently changed. I first began receiving reports of the 403 errors on 10/7/2020.
My application is not using a SmartApp. It’s using a personal access token generated from the URL below. Even with every option checked on the token page, it’ll still send a 403 Forbidden Error when trying to listen to the event stream. https://account.smartthings.com/tokens
What I find odd is that I am still able to create the subscription with the POST request. It’s only when I send the GET request to the “registrationUrl” that it fails.
As a work around I’ve implemented periodic device polling but I’d much prefer listening to the events so I don’t have to worry about exceeding API rate limits.
Would you please open a support ticket by sending an email to build@smartthings.com and share with me this information?
Are you using an API Access app or you are interacting with the SmartThings API using only the Personal Access Token? (If you are using an API Access App, please, include its App ID obtained from the Developer Workspace)
Complete logs of the request to create the subscription and its response
Thanks for looking into this @nayelyz! I just sent an email with the information you’ve requested. In the email, I attached a TXT file with the logs. If for some reason that got removed, let me know & I can resend it.