w.Intercom = i;img.ProfilePhoto.ProfilePhotoMedium { padding: 10px; }API device code grant flow assistance — tado° Community
Skip to content
  • Register

    • API device code grant flow assistance

    Quattro_D
    Quattro_D
    in General Questions & Topics

    Hi

    I use the "password grant flow" method of accessing the Tado API using code built on an ESP8266. I have received a mail telling me that I will now need to move to a "device code grant flow" authorisation process, and example of the process is given.

    When I follow the example I get to a point which shows this request:

    req = requests.post(
    "https://login.tado.com/oauth2/token",
    params=dict(
    client_id="1bb50063-6b0c-4d11-bd99-387f4a91cc46",
    device_code="XXX_code_XXX",
    grant_type="urn:ietf:params:oauth:grant-type:device_code",
    )
    )

    Giving this response:

    {'access_token': 'myAccessToken',
    'expires_in': 3599,
    'refresh_token': 'myRefreshToken',
    'scope': 'offline_access',
    'token_type': 'Bearer',
    'userId': '...'}

    However when I execute for my device code I get:

    {
    "access_token": "myAccessToken",
    "expires_in": 599,
    "token_type": "Bearer",
    "userId": "…"
    }

    So, differing expiry and no refresh_token.

    Is there somebody that has successfully implemented this who can steer me in the right direction please?

    I am for from an expert in anything HTTP(s), so treat me as a novice please.

    Cheers.

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register

    Answers

    • HGlab01
      HGlab01

      Not sure if this helps you a lot, but I've implemented it in JS yestersday

      Step 1

      https://github.com/DrozmotiX/ioBroker.tado/blob/de911b719b985b179b07df0ed0bdd6e6fde02eb3/main.js#L87

      Step 2

      https://github.com/DrozmotiX/ioBroker.tado/blob/de911b719b985b179b07df0ed0bdd6e6fde02eb3/main.js#L106

      and it works as expected.

      After "Step 2" I am receiving access_token and refresh_token

    • Boef
      Boef
      edited March 25

      I'm having the same problem when I call https://login.tado.com/oauth2/token with a POST and I add

      device_code plus code I got from first stage and the grant_type urn:ietf:params:oauth:grant-type:device_code


      I get this back. Without a refreshToken
      {    
      "access_token": "myAccessToken",    
      "expires_in": 599,    
      "scope": "offline_access\n\n",   
       "token_type": "Bearer",    
      "userId": "myUserId"
      }

      And if I call the call the endpoint again with the same value's I get

      {   
       "error": "invalid_request",    
      "error_description": "The request has an invalid parameter: device_code",    
      "error_reason": "invalid_device_code"
      }


      And I need to do the device_authorize step again to get a new device_code

      I am using Postman to do test these requests

    • Quattro_D
      Quattro_D
      I worked it out in the end. It involved messing about with quotes around the grant type string.
      What seems to happen is it doesn't see the grant type that is being requested and rather than failing in any way gives you this different result. Once you get the format of that line right everything turned up without issue.
      Good luck!

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register

    Quick Links

    Categories