Hello Erik, I am have the same need as Swati. My application has to get some information about Smartthing devices. I was able to generate a PAT, but it is only good for 24hrs. I saw that there is an way to solve it if I create an SmartApp. However, i am having hard time getting a Smartthing app installed . Any help is more so welcome.. thanks a lot
Hi, @Guga_Franzin
Erick is no longer part of the Developer Support team and also the other thread was too old, so I moved your post to this new thread.
What kind of application are you working with?
I ask because the other possibility is creating an OAuth Integration to get Access Tokens which you can refresh once they expire.
SmartApps are for self-publish only and they are mostly used for advanced automations in the SmartThings platform. For example, getting data from an external source and sending commands to other devices based on that.
Hello Nayelyz, I hope you are doing well.
I really appreciated your response.
The smart house automation application that i am working with is called Iridium (https://iridi.com/). From that, i can make Http (post/get) requests to smartthings devices with no problem using PAT.
I found this how-to-OAuth-server-integration guide https://www.youtube.com/watch?v=q3tl-qKXqXY, it worked fine. In fact, at the end i was able to test the application on smartthings cloud, it went fine, i got some progress that.
When i run a communication test between an Smartthings device and Postman using PAT, i just need to pick the command from this list (API | Developer Documentation | SmartThings), insert the PAT for Bearer authentication, and then it goes well, i get the right response.
So my question is, now that i have my own smart app ( Oauth server integrated with my smarthings profile), how should my http requests look like ? Am i supposed to use the same API URL as when using PAT? Where do I get the refresh token from to insert on the http requests ?
Thank you so much,
As you can see on the pictures attached, i have the could connector , device profile, and the schema app all set up. But i got stuck how to make the requests to get the Smartthings devices infos.
I’m really sorry for the confusion. The one in the video is a different OAuth server intended for Cloud-to-Cloud device integration.
The one I meant was this one: OAuth Integrations | Developer Documentation | SmartThings. This one is to access a user’s location depending on the scopes he/she authorizes. (For example, list devices, send command to devices, etc.)
Here are some instructions to create it:
- The option to create OAuth integrations cannot be found in the Developer Workspace.
- You need to use the SmartThings CLI to create this type of app
- You can also use the JSON in this sample as the input for the command.
GitHub - SmartThingsCommunity/api-app-subscription-example-js: Example API Access SmartApp that shows the state and allows control of devices - Then, you need to start the OAuth 2.0 process which consists on:
- The Access Token you get expires in 24 hours.
- The Refresh Token expires in 29 days if not used. We suggest you refresh the token before this time, otherwise, you’ll lose the Refresh token and the User will need to re-authorize.
NOTE: Remember the OAuth integration has a limit of 500 installations by default. Each time a user authorizes access to one of his/her locations, it will count as 1 installation. This means, if a user has 3 locations and authorizes access to each of them, he/she will use 3 installations.
- To refresh the Access Token, you need to use the same endpoint but the
grant_typeis different, here’s an example about this: -
curl -X POST “https://api.smartthings.com/oauth/token” -u “${clientId_from_app}”:“${clientSecret_from_app}” -H “Content-Type: application/x-www-form-urlencoded” -d “grant_type=refresh_token&client_id=${clientId_from_app}&refresh_token=${latest_refresh_token}”
Hello Nayelyz,
You dont need to be sorry! it is a bit confusing for me because it is the first time i am setting it up. In fact, i am grateful for the support you are providing ! 
I got some progress on it! I am still
i have some doubts:
when i run this command with the app credentials ( ttps://api.smartthings.com/oauth/authorize?client_id=${clientId_from_app}&response_type=code&redirect_uri=${redirect_uri_from_app}), i got the following results.
when i tried get the Access Token, i got this msg.
when i access my app URI, i can see the switch device only, how can i add more devices?
thanks a lot,
did you verify the redirect URI you use in this request is the same you used as redirect URI in your app registration? Remember you can use two URLs in OAuth integrations,
- Redirect URI
- Target URL
And it can be confusing some times.
The sample is configured to interact only with switches so I think it’s filtering the devices at some point. But, did you mention that querying the devices from the API directly only brings switches as well? It should list all of them
Hello Nayelyz,
I am sorry for long to replay to you. this week has been busy for us.
I went through the APP setup again, now, i was able to see the device . But i am stuck on the 4th step (start the OAuth 2.0 process). whhat am i supposed to fill on &scope=${scopes_from_whitelisted_inApp}???
I did not get the authorization code yet to move to this step .
You’ll exchange this code for an Access Token. This is an example of that request:
curl -X POST "<https://api.smartthings.com/oauth/token>" -u "${clientId_from_app}":"${clientSecret_from_app}" -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=authorization_code&client_id=${clientId_from_app}&code=${codeReceived}&redirect_uri=${redirect_uri_from_app}"
Any clue?? Thanks a lot, Guga
Aah ok, here you need to replace it with the scopes your app will request from the user but they need to be whitelisted first during the app registration.
This just means that you must select them when you create the app, for example: r:devices:* x:devices:* (this is a space delimited list)
This depends on which endpoints of the API you will use; you can see which scopes you need to make each call in the API reference: API | Developer Documentation | SmartThings