Is OAuth broken?


(Alex) #1

As of this morning, I am unable to authenticate via the OAuth workflow.

I’m prompted to login and select a location. When I click “Authorize” button the following error message appears:

Authorizing the selected devices failed; please try again later or contact support@smartthings.com

@Jim, are you aware of any recent back end changes?


(Joshua Lyon (SharpTools.io Dashboard)) #2

It does seem like something weird is still going on. I saw something similar happening a few days ago. After hitting the login screen, then logging in, I would be redirected to the developer dashboard. From there I had to close the login, then when I would retry the request it seems it would cache my credentials and properly direct me to the authorization screen to select devices. The authorization seems to work as expected from there for me (via Postman and SharpTools) so I can’t reproduce the error message you are seeing.

I put together a quick video showing this in Postman: (I would recommend viewing fullscreen and in full resolution)

It seems the loading of the devices in the authorization window is a bit slower than normal as well. It’s not considerable from a solid connection (eg. desktop), but it’s pretty noticeable on a slower/more latency burdened connection (eg. mobile).


OAuth Changes in March 27 Platform Release?
Next Developer Call will be on 03/25/2015
(Alex) #3

I see this credential caching issue every now and then. But this time is different.

You can try for yourself: http://www.smarttiles.click/install-start/

It was working yesterday and nothing changed since.

Other users are reporting the same behavior.


(Joshua Lyon (SharpTools.io Dashboard)) #4

I wasn’t so much worried about the credential caching itself - that’s expected. What I was pointing out is that the first time I login with my SmartApp (eg. no caching), then I am redirected to the developer dashboard and for a user it would be unclear what to do next (other than maybe retry).

The second time I log in (eg. credentials cached), I am directed to the appropriate authorization screen. I haven’t heard users complaining about this so I don’t know if they are seeing the issue or it’s somehow limited.

Oddly enough, I was neither able to reproduce my issue nor your issue when I tried the OAuth workflow with SmartTiles… so I’m not sure what’s going on?


(Jody) #5

I believe this is related to the recent login issues we have been seeing. I was thrown from the login page directly to the IDE during one oAuth attempt. Attempts this morning have been successful. oAuth is working fine for me.


(Alex) #6

I experienced it more than a few times, I just thought that it’s my browser being weird with cookies.

@joshua_lyon, so you tried the link above and it works for you at this moment?

Just for reference this is the screen I get.

Does anyone remember whether the IDE links suppose to be there?


(Mike Maxwell) #7

supposed to?, I don’t know, but they are there for me.


(Alex) #8

I’m just trying to remember if they used to display…


(Jody) #9

The links are there, but I am not getting the error message when authorizing devices on ThingLayer


(Patrick Stuart [@pstuart]) #10

I suspect it might have to do with authorizing against SmartApps that were not submitted for review and outside the scope of the IDE user. This is a loophole that they probably want to close.


(Alex) #11

Ok, I figured out the root cause:

I had unsubscribe() and unschedule() within my initialize() method.

This failed with NPE upon installing new app via OAuth workflow.

Either I missed that during initial testing or it used to work a couple of days ago and something changed on the back end and now craps out.