Creating a New Customer (two legged auth) - Now Working

@jeiden just to confirm, the test call:

HTTParty.post("https://api.particle.io/v1/orgs/neighbour/customers",
  { 
    :body => [ { "email" => "xxxxn@xxxxx.com", "no_password" => true } ].to_json,
    :basic_auth => { :username => "neighbour-xxxx", :password => "dc94xxxxxxxxxxx359a" },
    :headers => {"Content-Type" => "application/json"  }
   })
end

response:

"error"=>"email was empty"}

The correct version:

def test1
    HTTParty.post("https://api.particle.io/v1/orgs/your-org-goes-here/customers",
      { 
        :body =>  { "email" => "xxxx@xxxx.com", "no_password" => true }.to_json,
        :basic_auth => { :username => "your-org-xxxxx", :password => "dc9xxxxxxxxxx359a" },
        :headers => {"Content-Type" => "application/json"  }
       })
  end

Note: do not pass in the access token in the Header as you do with other calls.

This now works fine. Phew!

The Curl version, remember to passing in the organisations oauth credentials using -u:

curl -X POST -u your-org-xxxx:9ddxxxxxxx8d -d email=user@mail1.com -d no_password=true https://api.particle.io/v1/orgs/your-org-goes-here/customers
1 Like

Glad you got it working :smile:

I am still having trouble with this. First I use

"curl -X POST -H "Authorization: Bearer 1234" -d name=MyApp -d type=installed \ -d organization=my-org https://api.particle.io/v1/clients" 

and get the response I expect:

{
    "ok": true,
    "client": {
        "name": "MyApp",
        "type": "installed",
        "id": "myapp-2146",
        "secret": "615c620d647b6e1dab13bef1695c120b0293c342"
    }
}

Then I do:

curl -X POST -u myapp-2146:615c620d647b6e1dab13bef1695c120b0293c342 -d email=abu@agrabahmonkeys.com \
-d no_password=true https://api.particle.io/v1/orgs/my-org/customers         

but all I get in return is this:

{                                                                                                                                                                                                                       
  "ok": false,                                                                                                                                                                                                          
  "error": "Not Found",                                                                                                                                                                                                 
  "device_name": "hacker normal chicken zombie trochee"                                                                                                                                                                 
}

@bdi247 I ran your exact curl request in my terminal and got the following response:

{
  "ok": false,
  "error": "Organization not found."
}

I assume you are swapping out my-org with your actual organization slug. Once you add your correct organization slug this request should work just fine.

I am now getting this response:

{
“ok”: false,
“error”: “Organization not found for user’s role.”
}

Been a while, but back to creating customers. I have tried to create a scoped token for a customer for a 2 legged auth process:

curl -u my-client1-id:myclienttoken -d grant_type=client_credentials -d scope=customer=customer@email.com https://api.particle.io/oauth/token

give the following error:
{
“error”: “invalid_scope”,
“error_description”: “Requested customer scope doesn’t exist”

Also for parameter passing purposes how do I pass "scope=customer=customer@email.com" in a form? Is the query name “scope=customer” and then the value "customer@email.com"

thank you

@Kevin were you able to get this working? Your cURL request looks good. scope is the key and customer=customer@example.com would be the value of the query param for use in a form.

If you are still having problems, DM me your org name, customer email, and client ID you are using and I can look into it more.

Jeff

Hi there, I am getting the error “Organization not found.” when trying to create a customer using curl. After reading above, I think I’m probably entering my organization in the URL incorrectly.

Can someone please tell me where I can find my “:orgSlug”?

Hey Dan,

Your confusion is totally valid – in our recent update to the console, we have since abstracted the concept of organizations from the front-end. If you created the product pre-console, then you created an organization and set its name. The slug would just be the downcased and dasherized version of the name (i.e. “Jeff Organization” => “jeff-organization”).

If you just created your product, the slug of the organization is the same as the slug of the product. You can find this in the console, when you navigate to any product-specific URL. It is the downcased/dasherized version of the product name + the product version. For example, on the devices page for a product called “Foo” with version “v1”, the URL would look like: https://console.particle.io/foo-v1/devices, and the slug would be “foo-v1”.

Does this help?

Jeff

Yes, thankyou for the clarification - that makes a lot more sense now. The docs probably should mention this!

1 Like

Hey @jeiden,

Adding a customer via the API now seems to work for me, with a response similar to what I was expecting. However, even after waiting a day to update, I still cannot see any of the added customers in the console. Is there something I’m missing?

Hey @dan.s,

The customers will actually appear when they have claimed ownership of a device. This is definitely confusing, and something we have a ticket to improve. It would make more sense to show those customers as soon as they are created.

For now though, claim a product device and you’ll see the customer appear.

Jeff

Sorry to exhume this post. I’m working through this process for simple auth. My end goal is to get a basic prototype going destined for an ionic app (angular). I am having trouble working out the curl commands to go through creating a client; customer; token etc in an effort to gain a clear understanding of what all the steps are. There is great information but it’s scattered between the guide, the reference and the community forum. Take this post. This is the only reference anywhere that explains what organization is, or where to find it. However, copying the string straight from the browser console, when I try:

curl -X POST -H “Authorization: Bearer 1234” -d name=“IonicMobileApp” -d type=installed organization=mXXXXp-v1 https://api.particle.io/v1/clients

curl: (6) Could not resolve host: organization=mXXXXp-v1

although it does return an otherwise sensible looking object:

{
“ok”:true,
“client”:
{
“name”:“IonicMobileApp”,
“type”:“installed”,
“secret”:“1234”,
“id”:“ionicmobileapp-8868”
}
}

And when I try:

curl -X POST -u ionicmobileapp-8868:1234 -d email="me@email.com" -d password=“myPAssWrd” https://api.particle.io/v1/org/mXXXXp-v1/customers
{“ok”:false,“error”:“Not Found”}

I’m more from the hardware world, so I know much of this may seem obvious. I don’t suppose anyone could point me at a guide that might help. It’s just not fitting together. ANd after this I’ll have to figure out how to squeeze this into Angular 2 for more fun and games?

Unless someone has done this in Angular 2 already. Would be nice to cut out the middle man!

Thanks forum.

Al.

Hey @monkey - this reference documentation should be helpful to you: https://docs.particle.io/reference/api/#create-a-client

1 Like

Edit to my own question, in the hope that this might be helpful for others.

If like me, you're having trouble creating customers or tokens, with errors like: {"ok":false,"error":"Organization not found for user's role."} or {"ok":false,"error":"Not Found"} refer to rickkas7 s post. There is an very succinct explanation of tokens and scope, which is not covered in the documentation.

Cheers,

Al.

1 Like

Can we incorporate this into the docs? @rickkas7?

1 Like

I’m trying to get a product through initial prototyping but I’m struggling with the js api. I used a test email address to create an account and claim a device etc etc to test out the process. All worked fine. I’m now expanding it into an ionic app. But as soon as I enter a new ‘test’ email address pretending to be a new customer, I run into problems. If I create a user with the product client id & secret (with limited scope), that works. This is the method given in the docs. But I can’t subsequently login as that user using the same client id & secret? (Why is this?) Strangely, I can log in using id+secret=particle-api or anything else for that matter. But the killer is that I can’t then generate a claim code, at all?! What’s going on? This is so confusing. I would expect to create a Particle object; pass my product specific client credentials into the constructor and use this for everything. What reason if any is there to use blank/generic client id&secret. And is there a case where more than one Particle objects will be needed within an app?

I’m using ionic by the way, so as far I can gather, I need to use the restricted scope client credentials approach. I’ll keep working on it in the meantime, but I’d really appreciate some expert advise.

Cheers,

monkey.

@monkey — as always, specific code snippets will help our team get a better understanding of where the problem lies.

I’m not exactly sure how your requests look, but I’ll recap the process from our docs. After a customer (remember that customers are different than users) is created and the device claimed, the only remaining piece is authenticating API requests correctly to interact with that customers’ devices. To do this, you’ll need to generate access tokens scoped to the customer. This will allow you to do things like call a function, check a variable, etc. on behalf of the customer from your server or mobile/web app.

Here is our API reference documentation on how to create customer-scoped access tokens using your OAuth credentials: https://docs.particle.io/reference/api/#generate-a-customer-scoped-access-token.

It is also described in the Two-legged auth guide here: https://docs.particle.io/guide/how-to-build-a-product/authentication/#7-interact-with-customer-39-s-device-1.

Good luck,

Jeff

Yes, it works! Customers are different than users. Because the notion of customers was not included in the javascript api, I made the assumption / oversight that users were equivalent to customers. Having corrected that assumption, it now works. Thanks.

1 Like