Trying to control "deviceGroups" via REST API

I don’t see any documentation on how to use the REST API to control a “deviceGroup”, only a “device”.

So, I can get a list of “devicegroups”, using “/v1/devicegroups” and that shows me a “deviceGroupId” such as “31249702-eee7-4ae4-9251-cfb015898b7b”. I then try to apply the same type of API as works for devices, by doing:
/v1/devices/31249702-eee7-4ae4-9251-cfb015898b7b/commands
with a body like:
[
{
command: “on”,
capability: “switch”,
component: “main”,
arguments:
}
]
yet, while this works fine for “devices”, it doesn’t work for “devicegroups”, instead giving:
{
“requestId”: “5E90174B-C509-4ACD-9701-F0ABC288AD88”,
“error”: {
“code”: “ConstraintViolationError”,
“message”: “The request is malformed.”,
“details”: [
{
“code”: “BodyMalformedError”,
“target”: “httpRequestBody”,
“message”: “The request body is malformed and cannot be processed by server.”,
“details”:
}
]
}
}
I’m stuck. Maybe I use the “device” commands even for groups? I’ll try that…
Ok, that gives me “403 Forbidden”. Maybe there’s an oauth permission for device groups which I’m missing, but I didn’t see it on the web page for producing tokens.

I haven’t used this REST API, but your request is a malformed json.

Consider adding [] or {} after “arguments:”

I see what you’re saying and I agree. I don’t know why the brackets weren’t copied over when I copy/pasted it, but they were there. Let me try copy/paste of the body again:
[{
command: “on”,
capability: “switch”,
component: “main”,
arguments:
}]
It was definitely tried with them in there and didn’t work.

I changed the body to:

{“commands”:
[
{
“command”: “on”,
“capability”: “switch”,
“component”: “main”,
“arguments”:
}
]
}

(which is the official version of the API command body for the “devices” entry point)

This gives “403 Forbidden”, which makes it look as if there’s maybe some new auth token scope just for devicegroups. If so, the auth token creation web page doesn’t mention it. The auth token I was using was created with ALL scopes.

@nayelyz, could you try to answer this one?

This worked for me:

curl --header "Authorization: Bearer TOKENWITHALLSCOPE" https://api.smartthings.com/v1/devicegroups/DEVICEGROUPID/commands --data "{\"commands\": [{ \"capability\": \"switch\", \"command\": \"on\" }]}

So that is a request to https://api.smartthings.com/v1/devicegroups/DEVICEGROUPID/commands with the following body:

{
  "commands": [
    {
      "capability": "switch",
      "command": "on"
    }
  ]
}

I just ticked every option when creating a token to save messing around.

1 Like

Interesting. That’s basically the same as what I’m doing, but I get “403 Forbidden”. I even tried your exist CLI and (when I include “–verbose”) it’s clear I’m still getting 403.

Ok, just to make sure, I re-generated a new “All Scopes” token and now it works! I guess the “All” token I had wasn’t really for ALL scopes after all!

Thanks for the sanity check which forced me to question my assumptions! :slight_smile:

2 Likes