Sorry, should have posted this yesterday after I figured it out. So this assumes you have an organization (created through the Particle dashboard) and have created a client for it. The flow I’m using basically goes like this:
The variables referred to shouldn’t actually be wrapped in [], and are:
- [client_id] = the unique ID particle returns when you create a client
- [client_secret] = the secret code returned after the creation of a client
- [scope] = As explained in the link above (it says only create_customer is valid, but I’m sending the name of my app and it asks for full permissions)
- [state] = I am sending a random key that is associated with the user currently logged in to my app, this is returned in the redirect (I use session authentication as well, it’s obviously not secure to assume an identity based on a plain text token passed in a get request)
- [code] = The code returned after step 1
-
Direct user to particle to login
- “https://api.particle.io/oauth/authorize?client_id=[client_id]&response_type=code&scope=[scope]&state=[state]”
- User will enter their credentials and be asked to accept the permissions the client is requesting (presumably controlled by the “scope” parameter).
-
Particle will redirect after the, user logs in, to an https (protocol MUST be https) endpoint defined when you create your client with 2 things in the query string, a “code” and the “state” you sent.
-
Send POST to particle API with the code
- For consistency sake I’ll post this like the other POST requests in the docs, using curl:
curl https://api.particle.io/oauth/token -u [client_id]:[client_secret] -d grant_type=authorization_code -d code=[code]
-
Particle’s response will match the response shown in the docs for generating an access token
-
Your client can now use that access token for the user exactly as you normally would.
I hope this helps someone else! We are super excited to be able to set up a client to give our customers a simple interface for interacting with their Particle devices, not to mention our devices they have connected to their Photons and Electrons.
Thank you guys for all the awesome work, and for providing everyone with this community to interact with each other through!