hi.
I am currently testing C2C (Cloud-to-Cloud) integration. Additionally, I would like to subscribe to and utilize information from devices connected to SmartThings. I was wondering if SmartApps is still available for this purpose, or if there is an alternative feature I should use instead?
Could you please clarify the purpose of your C2C integration and how you are planning to use the SmartApp to subscribe to device information? This will help us better understand your use case.
We are not aware of SmartApps being limited in certain regions. However, they are intended for self-published integrations**, and another alternative is using an **API_ONLY app (OAuth).
Our goal is to develop a feature that triggers specific actions on our C2C-connected devices by subscribing to events from other third-party devices linked to SmartThings.
While users could theoretically use SmartThings’ built-in automation, we aim to handle these complex configurations on our own cloud to simplify the experience for users who may find manual setup difficult.
Specifically, we need to subscribe to real-time events from external devices integrated with SmartThings and utilize that data for our service, rather than relying on the inefficient polling method.
Based on your use case, where you want to subscribe to real-time events from third-party devices and handle the logic in your own cloud, the recommended approach is to use the SmartThings API with an API_ONLY app (OAuth).
Through this approach, you can subscribe to device events using the Subscriptions API, which allows your cloud to receive real-time notifications (via webhook) when device states change.
Command:
smartthings apps:create
---->The type you need to select is “OAuth-In App”
----> Target URL is the link where you want to receive the subscription events
----> These scopes are the permissions whitelisted from your app, if you use a scope in the “authorize URL” not included in your app’s scopes, you’ll get an error
-----> Add redirect URI because that’s where you’ll receive the authorization code once the user authorizes access to your app.3. 4.
You can also use the JSON in this sample as the input for the command.
GitHub - SmartThingsCommunity/api-app-subscription-example-js: Example API Access SmartApp that shows the state and allows control of devices
Then, you need to start the OAuth 2.0 process which consists on:
Show the authorization page to the user by using this URL:
https://api.smartthings.com/oauth/authorize?client_id=clientId_from_app&response_type=code&redirect_uri=redirect_uri_from_app&scope=scopes_from_whitelisted_inApp
Once the user authorizes access to your app, it’ll redirect you to the “Redirect URI” you configured with the Authorization Code.
You’ll exchange this code for an Access Token. This is an example of that request:
curl -X POST "https://api.smartthings.com/oauth/token" -u "clientId_from_app":"clientSecret_from_app" -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=authorization_code&client_id=clientId_from_app&code=codeReceived&redirect_uri=redirect_uri_from_app"
The Access Token you get expires in 24 hours.
The Refresh Token expires in 29 days if not used. We suggest you refresh the token before this time, otherwise, you’ll lose the Refresh token and the User will need to re-authorize.
NOTE: Remember the OAuth integration has a limit of 500 installations by default. Each time a user authorizes access to one of his/her locations, it will count as 1 installation. This means, if a user has 3 locations and authorizes access to each of them, he/she will use 3 installations.
grant_type is different, here’s an example about this:curl -X POST “https://api.smartthings.com/oauth/token” -u “clientId_from_app”:“clientSecret_from_app” -H “Content-Type: application/x-www-form-urlencoded” -d “grant_type=refresh_token&client_id=clientId_from_app&refresh_token=latest_refresh_token”
Subscriptions in API_ONLY apps
Registering a targetURL isn’t mandatory in this type of application, but if you want to create subscriptions using its installedAppId, you need to include a value for it.
Note: If you have already created your API_ONLY app but didn’t register a value for it, take a look at this post to know how you must update your app to do so: SmartThings CLI apps:update Type Error (reading ‘url’)
Once you have finished creating the app, you will receive a POST request with a confirmation URL, which you need to copy and paste into your browser or make a GET request using it. This is to “verify” the app so it can receive requests with the subscription events.
This example about creating subscriptions with an API_ONLY app. They only need the installedAppId and the Access Token.
{
"access_token":"41fb5735-d9af-4041-...",
"token_type":"bearer",
"refresh_token":"f804c515-2afa-4a49-...",
"expires_in":85744,
"scope":"r:locations:* x:devices:* r:devices:*",
"access_tier":0,
"installed_app_id":"cac8fb70-4e2c-4630-..."
}
Note:
Subscriptions require having a targetURL registered in the app because that’s where you’ll receive the new events.
This will also trigger a CONFIRMATION request (similar to a SmartApp) which means you need to verify the app by making a GET request to that URL to start receiving the events.