I have successfully completed the Authorization flow between our service and Smart things and store the users Authorization Tokens in our local database.
I am now successfully sending a web request to our external API from inside a Smart App when a switch is turned on. The idea is for the switch to arm a security camera when turned on. The problem I am having is I do not see the Authorization code being sent anywhere in the request to our external API to identify what user is sending the request to Arm their specific camera(s).
Am I missing something here?
tgauchat
(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy)
2
Unless I misunderstand your question, you may be misunderstanding the “direction” of things.
A SmartThings access token (auth token) permits an external service to connect into an instance of the Web Services SmartApp. It has nothing to do with the outbound communication.
If you need to identify a SmartThings SmartApp instance securely, tour external service should issue its own authorization to the SmartApp (for it to store in state[]). Since you are connecting from your web service to the Endpoint instance using a secure SmartThings token for that instance, you can be assured that you are issuing your own unique token to the correct instance.
My smart app successfully hits our token end point and gets an auth token but I don’t see a way to test any of this in the simulator.
tgauchat
(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy)
6
Maybe.… but The simulator is of very limited utility, frankly: Never trust or rely on the Simulator!
It’s more reliable (even if a bit of hassle) to use plenty of log.debug statements to observe in Live Logging. You can easily “publish for me” and create an instance to run on your mobile.