Is SmartThings WebService OAuth Implementation Stopping Innovation?

Is there any way around the authentication scheme requiring a SmartThings login page for web services? This seems to be overly complex for a lot of scenarios where a browser is not readily available.

One example, smartwatches, Samsung’s own gear S3 is fully capable of stand-alone operation. I’d really like to see a SmartThings app, but this is almost impossible because authentication requires redirecting to a SmartThings login page, then authorizing individual permissions, which you can’t do on the watch.

This seems to be why SmartThings abandoned their gear S2 app:

Authentication also seems to be one of the main issues with SmartTiles, and probably why there are not more dashboard options…

If this is all in the name of security, then why are there omissions, like why is it so hard to revoke a token after it has been authorized? Shurly a simple page listing current authorizations with a link to revoke would be nice…

If there is currently no way around the login page then a practical solution should be a priority. I can think of more than a few ways to solve this. The SmartThings framework seems to be rather idealistic, causing additional complexity for simple tasks and stopping innovation.

2 Likes