I have configured SmartThings to target the URL of my Azure Function.
The authentication flow works fine but it never redirects to my Azure Function. It redirects to c2c-us.smartthings.com/oauth/callback with the state and the code parameters. Displaying a “Pretty-print” web page.
The documentation states that it’s my function that should be called with these parameters.
Am I missing something? I cannot find any tutorial or information on how to use SmartThings with Azure.
I’ll tag @nayelyz and @Itati here as I think they will be best placed to help you.
I’ve never used a C2C Schema but I can see that the ‘documentation’ you linked to suggesting a redirect to your function is for an OAuth-In app which is a different animal and that will probably confuse the issue. With OAuth-In your app requests access to SmartThings. My limited understanding is that with a Schema it is SmartThings requesting access to your app.
Could you please provide the time when this issue occurred? Since we are in different time zones, it would be helpful if you could provide the timestamp of when the error happened, along with your local timezone.
The engineering team mentioned that it is important to validate the following:
SmartThings app configuration – Ensure that the SmartThings app is set up to handle deep links.
Deep link permissions – Verify if your operating system (Android/iOS) allows the app to intercept deep links correctly.
Once we have this information, we can continue investigating the issue.
Hi @Itati
I tested once more just now (2025-03-24 9:36) making sure that I had the application set with “Open supported links” on (as described by @orangebucket). The results were the same.
HI @aalmada
The engineering team is requesting additional information to continue investigating your case. Could you please reproduce the issue again, record a video while it happens, and pull the mobile logs immediately after?
Additionally, we need you to provide the exact time when you reproduced the issue so we can align the data with our records.
Note: provide the timestamp of when the error happened, along with your local timezone.
`
If you have Android, follow these steps:
Go to Menu > Gear Icon > About SmartThings
Tap the SmartThings logo 10 times.
This will open the developer’s space > tap ‘report a problem’
This will send you to the report page. Select a frequency and write a short description of the issue.
Click on “Report” and a log file will be generated for you to send over email, please do to build@smartthings.com
Just to confirm, please make sure you’re following this flow:
You register your Schema project with the correct URLs for your OAuth server and Schema Connector
When you go to “my testing devices”, it will start the onboarding flow where your OAuth server’s URL will be called. This is where you show your Login page to the user.
Once he authorizes, you need to send an authorization code to SmartThings included in the redirect URI, which is one of the of the listed here.
At some point, ST will request your cloud to exchange that authorization code for an access code at the Token URI you provided during registration
In an OAuth-In integration your app authenticates with SmartThings in order to get OAuth tokens to access the API. So your app initiates an authentication with SmartThings which, if successful, results in a temporary code being sent to the redirect URL. Your app then sends that code to SmartThings and receives an access token in return. SmartThings doesn’t need to explicitly authenticate with your app, it just sends signed POSTs to the target URL it has been told about.
With a Schema app SmartThings authenticates with your platform (for want of a better word) in order to get tokens to access it. In stages 2 and 3 SmartThings initiates this authentication and, if successful, receives the temporary code on its redirect URL. It will then need to send that code to your platform to get the actual access tokens and that is what stage 4 is.
There is still a need for your platform to have access tokens for SmartThings. That’s where step 5 comes in.
If this has just confused the issue please ignore it. I am just trying to plug the timezone gap.
Hi! @orangebucket thank you so much for the clarification.
Let me see if I understood correctly. After all the OAuth flow, SmartThings sends a grantCallbackAccess payload to my Azure Function. The function has then to send an accessTokenRequest payload to the URL specified in callbackAuthentication. SmartThings will replay with an accessTokenResponse payload. Only then, SmartThings sends a discoveryRequest payload to the function.
Is this right? The connect-using-smartthings-schema diagram doesn’t show any of these callback steps.
I’ve never actually tried it, but it is certainly what I would expect.
I don’t like those flow diagrams they insist on using. It would be OK if the following pages went on to detail each step in order but they don’t. ‘(3) The access is granted’ in particular is doing a remarkable amount of heavy lifting. Not only does it mask the OAuth flow, but it masks the transition from setup activity to actually using your Schema Connector.
@orangebucket Thinking about it, the grantCallbackAccess should be used to authenticate for the callback. It should have nothing to do with OAuth authentication flow.
I’m now working with the people that configured Azure Entra ID to try to figure if we’re missing anything on our side.
Up until now, our webhook URl (Azure Function) has never been called. The SmartThings app keeps redirecting to https://c2c-us.smartthings.com/oauth/callback with some state and code parameters.
