Just want to make sure I got this right. Customers that claimed a device that belongs to a product can access most of the https://api.particle.io/v1/devices APIs but they are not allowed to access product and organization endpoints via https://api.particle.io/v1/products/:productId/devices APIs.
Customer access tokens cannot use any of the product or organization endpoints.
They also can only access a small subset of the user API, such as function and variable in the device endpoint. Most of the other endpoints such as flashing code, are not allowed for customer tokens.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.