Claim_code expiration?

I am assuming there is no expiration. Can someone verify this? Thanks.

What’s the reason for the question?
Why would you want to reuse a claim code over an extended periode?
Once claimed, the device is yours :wink:

@ScruffR, the reason is I wan to use the same claim_code for adding new devices in the future.

The claim code only works for one specific device

@ScruffR, I don’t think that is true. I currently have two devices under the same claim_code when I do Curl with my access_token.

Have you claimed both with that same claim code?
And can you claim a third one with the claim code again?

Or if you haven’t got three, unclaim one or both you’ve already claimed and reclaim it/them with that same code.

But if that works, I’ve been doing unnecessary work all this time for my other devices :blush:

Access token is not equivalent to claim code.

The claim code is coming from the :cloud: during each claiming process involving the softAP method.

I guess you are talking about access token expiry?

1 Like

@kennethlimcp, I was talking about claim_code. using the same claim_code to claim add devices to the same account.

Which tool are you using to do that?

ParticleJS or CLI?

Which mode is the Photon in when you do that?

@kennethlimcp, I was using CURL with my access_token without photon being connected and it responses my devices (two) with same claim_code.

What I am trying to do it using softap-setup-js to add new devices to my account and set wifi params. The document ( states that I need to set the device claim_code. Am I following the right procedure?

Setting the Device’s Claim Code

The device must be provided with a claim code before it can be
registered to a user’s account. This is a string that is typically
provided by a call to the Particle API. Once such a claim code has been obtained, it can be provided to the device like so:


var code = “somekindaclaimcode”;
var sap = newSoftAPSetup();
sap.setClaimCode(code, callback);
function callback(err, dat) {
if(err) { throw err; }

Hi @mtun009,

The API endpoint to create a claim code (POST /v1/device_claims) is documented here:

I also suspect you may be confusing access tokens and claim codes.

A claim code may only be used once, for a single device, and it must be used within an hour of creation. Here’s how the flow goes:

  • Imagine you start with a Photon that has no Wi-Fi credentials, is offline, and is blinking blue. That Photon is broadcasting a Wi-Fi AP named “Photon-WXYZ”
  • Your phone or computer is connected to the internet.
  • You use your access token on that phone or computer to hit POST /v1/device_claims to create a claim code.
  • The API creates a claim code in the database that represents you as a user, and it responds with the claim code (63 characters) and an array of your currently claimed device IDs.
  • The phone or computer then disconnects from the internet and connects to the Photon’s network “Photon-WXYZ”. The phone/computer is now directly talking to the Photon, and neither device has internet access.
  • The phone/computer asks the device for its ID. If the ID matches one in the already claimed list, then there’s no need to claim. Otherwise, it sends the claim code as well as the Wi-Fi credentials directly to the Photon. The Wi-Fi password is encrypted during this transfer.
  • The Photon closes the connection with the phone/computer, shuts down its AP, and attempts to connect to the Wi-Fi network using the credentials the phone/computer sent.
  • If the Photon successfully gets on Wi-Fi and the internet and connects to the :particle: :cloud: it tells the cloud about the claim code it received.
  • The cloud looks up the claim code, finds it, and (if it’s been less than an hour) now knows that this device belongs to the user who requested the claim code a moment ago. We mark the claim code used (it can never be used again).
  • When the phone/computer lost the connection to the Photon, it reconnected to the internet and started polling the “list my devices” endpoint, waiting for that Photon’s ID to show up anew in the list of devices you own. When it sees the device in the list, it gives a success message; the setup process will give up after a certain timeout, assuming the device must have had some problem getting online.

Hope that helps!


I guess I wasn’t wrong then :wink:

@zachary and @will, I was not confuse with access_token. You said that single device uses single claim_code. But when I do POST with my access_token I got the following response:

claim_code and my two exiting device ids that are already claimed.

So that is where the confusing comes in. So the response of my two exiting devices (device ids) portion is just to show me the devices belongs to me? They did not use the claim_code on that response?

Exactly that!

1 Like

@ScruffR, thanks. I just saw that after re-reading it thoroughly. @zachary steps by steps explaining helps a lot. Thanks.

1 Like

@zachary, Is there a way for me to POST /v1/device_claims to get claim_code only in response without my claimed device ids? What is I have hundreds of devices already claimed. I really don’t need claimed device ids just to claim a new device. Any suggestions?

Good suggestion @mtun009! There’s no way to do that now; the devices are always included in the API response. I’ve added your suggestion to our backlog. It’s very low priority, but I appreciate the proposal. :smile: