Do we have permission to change the location Mode in nodejs smart apps?

Hello. I am developing a smart app in Nodejs. I subscribe to the light devicehandler. when the value is “on”, I want to change the location mode to “Home”. here is the code:

.subscribedEventHandler(‘lightHandler’, async (context, event) => {
if (event.value === ‘on’) {
let homeModeId = ‘’;
const modeList = await context.api.modes.list();
modeList.forEach(element => {
if ( === ‘Home’) {
homeModeId =;
// const current = await context.api.modes.getCurrent(event.locationId)
await context.api.modes.setCurrent(homeModeId , event.locationId);
console.log(“SmartThings changed your mode to ‘Home’, welcome back home!”);

I tested the API in the postman and it works. although for that, I am using the personal access token(PAT) with the permissions below:

while registering the app in smartthings platform, there is a step for choosing the permissions. I checked all of them, but I don’t see all the permissions here(the ones I could have in generating PAT). for instance, there is no w:locations:* and x:locations:* permission which is related to changing the location mode. so I can not have the

although I gave this permissions in my code, like below:
app.permissions([‘r:locations:'], ['x:devices:’], [‘l:devices’], [‘w:locations:'],['x:locations:’])

but it doesn’t work. the getCurrent method is working since I have the read permission (r:locations:*). but the setCurrent function is not working.

so what is the reason? did smartthings limit the access for the smart apps? we don’t have permission to change the location mode from inside the code anymore?

Hi, @Mahdieh_Ghorbanian. Welcome to the SmartThings Community!

Let me check some details about this with the engineering team and I’ll let you know their feedback.

1 Like

The Developer Workspace has always suffered from what I call ‘wandered a bit too close to Samsung disease’. Like the mobile apps it seems to exist in a slightly alternative reality to most of SmartThings.

The list of permissions you can whitelist for SmartApps in the Developer Workspace is not complete. Installed SmartApps work in a Location context so you can’t add all the permissions that PATs can have, but you can certainly add x:locations:*. I know because I just did it, updated an installed app, and then used the access token from the app to set the current mode.

If you have the CLI installed you can run smartthings apps:oauth -o myoauth.yaml to output the settings to a file. You can then edit that file to add x:locations:* to the list, and run smartthings apps:oauth:update -i myoauth.yaml to update the app. Obviously you can use JSON if that floats your boat, and do the same thing via the API directly.

You would then add x:locations:* to the permissions in the INITIALIZE lifecycle phase of your app code to select the now whitelisted permission and update your installed app via the mobile app.

You should then be flying, though I should note that I didn’t actually try setting the current mode from the app, I used the app’s access token in the CLI. It’s basically the same thing though.

Please note that if you mess with the app in the Developer Workspace you may splat over these settings. However you don’t really need to once you have published to test for the first time as that is about all you can’t do outside the Developer Workspace (well actually you might be able to, I can’t remember if I tried it, but you do need the project ID from the Developer Workspace to do it so it is a bit tedious).

Might I also politely suggest that when you are working with Location modes you favour label over name where it exists (I’ve not seen it not exist but you never know). As is the case in a number of places in the SmartThings API, the name of the Location Mode object is set when it is created and can’t be updated, whereas the label is the property you can update and the one you usually want to work with. So it is quite possible for you to have a mode with the name Home and the label Away if you chose to play.

1 Like

Thank you for your reply and your detailed explanation. The command

smartthings apps:oauth -i myoauth.yaml
doesn’t exist. (checked in --help)

instead I tried

smartthings apps:oauth:update

I could update the permissions for a specific smart app.
I gave all the permissions including(this is the output after updating):


Also I added the below permissions to the code:

.permissions([‘r:locations:'],['w:locations:’],[‘x:locations:'],['r:devices:’], [‘x:devices:'],['w:devices:’])

Still I get error code 403 while updating the location mode.

When I try it in postman, the only permissions I have are
and works properly.

Thank you for your time in advance.

Hi, @Mahdieh_Ghorbanian
Is this exactly how those permissions are included in your code? If so, I suggest you change it to:


You can verify they’re included correctly for your SmartApp in the logs of the lifecycle CONFIGURATION/INITIALIZE, your app’s response must include those permissions correctly, for example:

  "statusCode": 200,
  "configurationData": {
    "initialize": {
      "id": "location-mode-request",
      "firstPageId": "mainPage",
      "permissions": [
      "disableCustomDisplayName": false,
      "disableRemoveApp": false

I made the test and was able to change the location mode.

It worked. Thank you for your help.

1 Like