Https://graph.api.smarthings.com Failed to load devices

I opened one last night. #152946.

1 Like

I also opened a ticketā€¦#153074

1 Like

Just wanted to update here - It now looks like the UK are in the same point of failure as the US. Where as before the US was fully working and the UK couldnā€™t even auth, now we can both auth, but neither can actually gain access to devices.

However, I must admit, now that this is affecting the US as well as the UK, I can see it being resolved rather quick.

1 Like

Iā€™m not sure what the funniest part of this sentence is. I hope you meant the whole statement sarcastically, as thatā€™s the only way it makes any sense. :joy:

8 Likes

Nice. Iā€™ve now opened a ticket too with basically the same text as yours, except I changed ā€œhundreds of customersā€ to ā€œthousands of customersā€ because, hey, it affects everyone who wants to install any app via OAuth!

4 Likes

Iā€™m having the same issue with: simplerulebuilder.com.

1 Like

There was excessive amounts of sarcasm in that post :smile:

1 Like

This may be obvious - but it only effects log-ins - it does not break existing authorized connections. I have two phones - I have not logged out of smart rules app on one of them and it continues to work fine, however, the other one - I logged out and cannot cannot load devicesā€¦

just info .

Dave

1 Like

This has always been an undocumented loophole, that most developers (you included) new wouldnā€™t last forever.

Same problem here with SharpTools.

Sure, but ST has made it clear on the dev calls that they know itā€™s in use and that they had no plans to close it off.

Given that itā€™s related to a platform update, Hanlonā€™s razor is almost certainly applicable.

2 Likes

No comment.(But Iā€™m always right, even when I very much donā€™t want to be. :angel:).

I guess it harkens back to the discussion @tgauchat and I were having in another thread, whether anything that SmartThing promised has any meaning.

Hanlonā€™s razor is almost certainly applicable.

Whether itā€™s intentional or a side-effect of fixing fundamental OAuth issues in the platform, Iā€™m sure enabling OAuth for GB customers will take priority over breaking a handful of custom apps that were relying on undocumented feature.

I personally believe that ability to install unofficial, unpublished custom apps via OAuth flow without access to their source code was one of the most serious security flaws in SmartThings. If theyā€™ve finally closed it, Iā€™d say good riddance.

1 Like

I agree that your viewpoint could be taken by SmartThings.

The fact that should not be ignored, however, is that the combined number of users of these ā€œhandful of custom appsā€, far exceeds the number of IFTTT users the UK will have in the next 30 days.

SmartTiles is the #1 installed Community Developed SmartApp (including SmartApps that are in the official Marketplace), except for some relatively trivial ones. SmartRules and SharpTools, etc., are very close followers, adding up to a sum that should not be dismissed.

Wellā€¦ I canā€™t help but be offended, Geko ā€“ not nice.

@625alex and I (and our peers) have a significant amount of effort invested in what weā€™ve developed, and thousands of SmartThings Customers appreciate our efforts (including expressions via payment and donations) for the value we have added to their SmartThings purchase.

I donā€™t dispute that. Itā€™s a great app! However, since itā€™s not an open source, it falls into the same security risk category. Apps like this should be published and available through SmartThings Marketplace.

Wellā€¦ I canā€™t help but be offended, Geko ā€“ not nice.

Sorry, but itā€™s not personal. I hold both you and Alex in high regard as developers and contributors to the Community. SmartTiles is the best community-developed SmartApp around. Still, I believe there should be no exceptions when it comes to security.

2 Likes

I understand where youā€™re coming from here, but its not as though anyone is forced to install those apps. Each customer can make their own decisions about which developers they trust with which devices. As developers, we have built in incentives to build relationships and prove ourselves worthy of that trust.

I guess it is analogous to the debate between highly regulated cab drivers and semi-unregulated Uber drivers?

2 Likes

We agree; except:

  • SmartTiles was explicitly called out as an example of an ā€œnon-publishableā€ SmartApp, without an explanation nor opportunity to be formally defended. But it was never ā€œbannedā€ from the platform in any form.

  • The submission / publication process is currently completely unpractical for a large iterative project (or even simple ones), due to extensive delays and low-details upon rejections. Full resubmission is required for every bug fix.

  • The possibility of a revenue stream (i.e., payments system) for SmartApps (and Device Types) has been removed from SmartThingsā€™s plans for the foreseeable future (paraphrase quote from Alex Hawkinson).

1 Like

I hate Uber enough that I must comment on your analogyā€¦ though I have to admit itā€™s not particularly inaccurate, Brice.

The difference here is that there is no Government entity involved. Samsung SmartThings is a for-profit company with constituents beyond its shareholders. Very minimal obligations to Customers and Developers. Taxicab regulations were established by mutual agreement between duly elected representatives of the citizens; legislators at various levels of government. Over time, the government failed their fiduciary duty to keep these regulations from being both corrupted and antiquated. :confounded:

So ā€¦ Iā€™d rather not compare that to the state of SmartThings: The private sector has its own mega problems.

What does ā€œofficially publishedā€ mean technically?