Hi all, I am looking to integrate my device with SmartThings but only have implicit grant flow in place. However, I am not able to find any documentation specifying what oauth url is being used. Does anybody know where I can find which exact parameters are being supplied? Also, is there even the possibility to use implicit grant as all the documentation I have found covers auth code only.
Tagging @AlejandroPadilla @nayelyz
Hi @patrycjaz Are you using Schema to integrate your device? I am interested in understanding your case, and providing you with the best care, please can you explain more about your integration?
Hi @AlejandroPadilla I am using Schema, and my question is with regards to the account linking aspect. As my current implementation of my authorisation server only allows implicit grant, I would like to understand what parameters are being passed during the call to the authorisation server.
To use Schema your cloud must support OAuth 2.0, here you can find an example.
After creating your project on Workspace, you will obtain the credentials to use on your OAuth server, and with that, you can use the interactions type to communicate with SmartThings.
@AlejandroPadilla Thank you for the response, however this was not what my question was with regards to.
I understand interaction types and my issue is not with implementing the cloud connector. My issue is with regards to the account linking process, and the oauth flow used.
The default seems to be authorisation code flow which uses a code to gain the access token, rather than implicit grant flow, which directly grants the client the access token. I would like to know if smartthings supports implicit flow implementations? The example schema you linked uses authorisation code flow.
@patrycjaz Unfortunately, SmartThings don’t support implicit flow, OAuth 2.0 Implicit Grant Type due to security risks.