'redirect_uri' could not be validated with python

Hey everyone, I am trying to connect with Smarthings App with Python. I have created a integeration app and verified it, Smartthings send me a confirmation_url where i confirm that url. and then i request for Auth with python request https://api.smartthings.com/v1/oauth/authorize?client_id=<my_client_id>&response_type=code&redirect_uri=<my_redirect_uri>&scope=r:devices:*
and it gives me ‘redirect_uri’ could not be validated , while i have already confirm the provided url by smartthings still my url is not validated. Please share your thoughts and possibilities for this issue.
Thanks in Advance

Tagging @nayelyz

1 Like

Is your redirect_uri value URL encoded? (Encoded ampersands, etc?)

Welcome to the SmartThings Community, @Asad_Irshad!

I’m confused, which project type did you select in the Developer Workspace? The confirmation_url is used for a SmartApp but this URL (https://api.smartthings.com/v1/oauth/authorize) is for another integration…

@TylerDurden thanks for your reply, i just made a webhook endpoint for the confirmation as def webhook(request): request_json = request.body.decode('utf8').replace("'", '"') response_data = json.loads(request_json) res = requests.get(response_data['confirmationData']['confirmationUrl']) return JsonResponse(data={"confirmation url verified successfully"},status=200,safe=False)

this method only confirming the url that is provided by the smartthings to register/verify app. After succesfull confirmation it keeps giving me response of redirect_uri is not validated

@nayelyz thanks for your reply, i am trying to get registered devices for that specific account, can you refer me how can i achieve this with python?

To get the list of installed devices in your account, you can create a Personal Access Token and make REST requests to the SmartThings API. For example, this is a request to get the device’s list using Postman:

Endpoint URL: https://api.smartthings.com/v1/devices
You just need to replace xxxx-xxxx-... with the actual PAT.

@nayelyz thanks for you reply, really appreciated. Actually i want to achieve this as genenric auth. Like i don’t want to get PAT for each user i want my endpoint to do that automaticlly for me.
Suppose a user came to my platform and click an endpoint/link that endpoint should automatically completes the auth of the user and that endpoint should return us a token it could be PAT so we can then get the devices of the user.

ooh ok, got it. Well, a similar option is the OAuth Integration but there are two things:

  1. You must belong to an Organization so your request is approved
  2. Currently, new requests are not being accepted because the team is working on some improvements for it.

Also, SmartApps are for self-publish only, this means that if you want to share a SmartApp, each user would have to register it in the Developer Workspace and validate it as you did.

i have integerated this one but this gives me redirect_url is not validated even though i have created a webhook endpoint where i am recieving the response sent by the smartthings which includes

Signature keyId=“/pl/useast1/76-67-1f-db-9a-d5-d9-ce-15-32-7a-4-e7-1d-9e-6f-cf-27-6f-76”,signature=“mQFuH+AHU48kdJFg4n9pglIhY1PxP8D7n3hIWOg98y4jl5/ji+P21AxzRZdeq/XwI0DRQO3hdRiSZF0mMot9lpwuQfxPvxP1Rg0Dio4ZbPesTfB4LL4LvI3HSXf+ZeI/5qQwwlXFhxqtGn9o9LQa59hd1GUKbbG2O3ulbCrf9qMKbka6VJ4+ckVxt+J6YiVwl61TYZU0lEN27BJWpfwnqISJzyTNEyuSiupfvC5FLGS8TVdvbMMO0ODEMyAXLP3HkjPSm6B12yX46j/+fPMnAqrqtiNYvrtS02i+qES8Q/DDGDa1FNiIUXMhik0iujzCAMdYitIHeV9ZD1ue2NOyQ==”,headers=“(request-target) digest date”,algorithm=“rsa-sh256”

As you can see here confirmation url my endpoint is sending GET request on it and confirming the url as well. But still i got the redirect_url is not validated.

You created an app with the type “WEBHOOK_SMART_APP” through the API, right? I mean this endpoint:

If so, the URL you posted above isn’t valid, that’s only for the OAuth integration which is a different App type. It has two fields, one for the target URL (where you get SmartApp requests - subscriptions) and another one called redirect URI and the last one must match the one you send in the query parameter &redirect_uri=<my_redirect_uri>. That’s why you get the error, you don’t have two URL fields in a SmartApp registration.
You can check the SmartApp NodeJS SDK to get references on the authorization process there.

thanks @nayelyz for assistance. Let me check that again, will catch you up again if needed. :slight_smile:

1 Like