Error: "Organization not found for user's role" when using "particle" authentication

Hi @ido - I’m just trying to authenticate users as customers to an organization.

I followed the docs here for iOS and here for android.

When I try to login or sign up using the Android Setup SDK, I get the following error:

“Organization not found for user’s role”

When I log the request using http_log_level = true, I see that my organization endpoint is returning a 404. I sent the full request log to @jensck. I can send it to you as well if you give me your email address.

The strange thing is that I am able to register accounts and log in via the iOS setup SDK. And stranger still is that I can login from Android using accounts that were created via the iOS setup SDK.

I suspect that the iOS SDK is not actually using our organization endpoint for the following reasons:

This is the code that I used to set up the iOS SDK for organizations:

  [SparkSetupCustomization sharedInstance].organizationName = @"Xxx";
  [SparkSetupCustomization sharedInstance].organizationSlug = @"xxx";
  [SparkSetupCustomization sharedInstance].productName = @"yyy";
  [SparkSetupCustomization sharedInstance].productSlug = @"zzz";

Where xxx, yyy, and zzz are the values that I found on dashboard.particle.io when following the instructions in the documentation.

So these are the questions that I have:

  1. Are organizations supported on the iOS and Android SDKs, or have I misread the documentation?

  2. If organizations are supported by the SDKs, is my configuration incorrect, or is this a bug?

Thanks again for your help @ido and @jensck.

Ok I found the issue with iOS. The latest versions of the iOS packages are as follows:

Spark-SDK: 0.3.4
SparkSetup: 0.3.3

The repositories for those projects have the latest packages listed as:

Spark-SDK: 0.3.0
SparkSetup: 0.2.1

I updated the packages and now I’m getting the following error when I try to register on iOS:

Could not signup

Make sure your user email does not already exist and that you have entered the activation code correctly and that it was not already used

The console shows the same error that we’re getting on android:

https://api.particle.io/v1/orgs/xxx/customers Failed (status code 404): {
    error = "Organization not found for user's role.";
    ok = 0;
}

So @ido or @jensck - can you please check that our organization exists in your database at the slug that I’ve set and is configured correctly for customer authentication via the SDKs?

What’s the slug? feel free to email me at ido@particle.io
if you need to transfer sensitive information

@ido - I found the issue. I was using incorrect values for oauth_client_secret and oauth_client_id. Thanks for your time.

Hello @ido, I have added a product in my organisation and done the required changes such as client id and client secret id and product slug in my android code , even though i am receiving the error “organisation not found for user role” during creating the new customer account . What changes am i missing ? Please guide
Secondly, How will i come to know my organisation slug name from my console window?

1 Like

I am also looking for more information on where the org slug can be found. Can a dev please reply? @ido I have a free prototype account but not sure if that qualifies.

Hi Sorry I missed the original post.
We no longer use “org slugs” but product IDs which is just a short number - the SDKs have been adapter to accept this number instead of the org slug string - you can find this number next to the little key icon in the product page in the console.

@ido unfortunately device setup / example app requires an org slug , and product slug. so commenting out either of these parameters in customization.xml is a no go. so i specified the product id in both the prod and org slug fields.

this results in a post to the following URL:
HTTP POST https://api.particle.io/v1/orgs/mypid/products/mypid/device_claims with an auth bearer token, and this results in an HTTP 404 (not found error). note that mypid above is where i specified my product id.

Here’s the top of the exception for context:

03-20 21:38:16.484 15356-15356/io.particle.devicesetup.exampleapp E/Async: Error calling API: Organization not found.
io.particle.android.sdk.cloud.ParticleCloudException
at io.particle.android.sdk.cloud.ParticleCloud.generateClaimCodeForOrg(ParticleCloud.java:390)

Let me loop our Android engineer and get back to you

ok, thanks @ido appreciate that. I also opened a support ticket, but the support engineer mentioned he would wait to see a reply here.

I Set

   <bool name="organization">true</bool>
    <integer name="product_id">mypid int here</integer>

and set the following two string resources in customization.xml in devicesetup app:

    <string name="oauth_client_id">mygeneratedClientID</string>
    <string name="oauth_client_secret">myGeneratedClientSecret</string>

@ido here’s the actual exception after importing the latest changes from the github repo:

04-04 20:49:16.022 27693-27693/io.particle.devicesetup.exampleapp E/Async: Error calling API: Organization not found for user.
io.particle.android.sdk.cloud.ParticleCloudException
at io.particle.android.sdk.cloud.ParticleCloud.generateClaimCodeForOrg(ParticleCloud.java:410)
at io.particle.android.sdk.devicesetup.ui.GetReadyActivity$1.callApi(GetReadyActivity.java:102)
at io.particle.android.sdk.devicesetup.ui.GetReadyActivity$1.callApi(GetReadyActivity.java:97)
at io.particle.android.sdk.utils.Async$AsyncApiWorker.doInBackground(Async.java:105)
at io.particle.android.sdk.utils.Async$AsyncApiWorker.doInBackground(Async.java:73)
at android.os.AsyncTask$2.call(AsyncTask.java:295)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
at java.lang.Thread.run(Thread.java:818)

@julius Can you look into that?

i tried going into the New User flow for the example app, and I get a different error:
04-04 21:13:24.535 18900-19490/io.particle.devicesetup.exampleapp D/Retrofit: {“ok”:false,“code”:400,“error”:“email was empty”}

now I get the following exception, I added a log statement to CreateAccountActivity right before ParticleCloud was called to make sure the app was grabbing the email addr value from the email field:

log.d("email: " + email);
particleCloud.signUpAndLogInWithCustomer(signUpInfo, getResources().getInteger(R.integer.product_id));

I got this in the monitor log, for my debug statement, so does your SDK have a defect?
Socket deconnection
04-04 21:13:24.041 18900-19490/io.particle.devicesetup.exampleapp D/CreateAccountActivity: email: myemail@domain.com

04-04 21:13:24.538 18900-18900/io.particle.devicesetup.exampleapp E/Async: Error calling API: email was empty
io.particle.android.sdk.cloud.ParticleCloudException
at io.particle.android.sdk.cloud.ParticleCloud.signUpAndLogInWithCustomer(ParticleCloud.java:243)
at io.particle.android.sdk.accountsetup.CreateAccountActivity$1.callApi(CreateAccountActivity.java:223)
at io.particle.android.sdk.accountsetup.CreateAccountActivity$1.callApi(CreateAccountActivity.java:218)
at io.particle.android.sdk.utils.Async$AsyncApiWorker.doInBackground(Async.java:105)
at io.particle.android.sdk.utils.Async$AsyncApiWorker.doInBackground(Async.java:73)
at android.os.AsyncTask$2.call(AsyncTask.java:295)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
at java.lang.Thread.run(Thread.java:818)

Here’s the post, I don’t see the email field in the body:

—> HTTP POST https://api.particle.io/v1/products/pid/customers
04-04 21:13:24.047 18900-19490/io.particle.devicesetup.exampleapp D/Retrofit: Authorization: Basic
04-04 21:13:24.047 18900-19490/io.particle.devicesetup.exampleapp D/Retrofit: Content-Type: application/json; charset=UTF-8
04-04 21:13:24.047 18900-19490/io.particle.devicesetup.exampleapp D/Retrofit: Content-Length: 195
04-04 21:13:24.047 18900-19490/io.particle.devicesetup.exampleapp D/Retrofit: {“account_info”:{“business_account”:false,“company_name”:"",“first_name”:“LC”,“last_name”:“LC”},“grant_type”:“client_credentials”,“password”:“password”,“username”:“myemailaddr@domain.com”}
04-04 21:13:24.047 18900-19490/io.particle.devicesetup.exampleapp D/Retrofit: —> END HTTP (195-byte body)

So i took some screencaps of some http header traces using fiddler. I was able to set a breakpoint onBeginRequest with fiddler, and manually tamper the request to add the email field, after which, the request succeeded. This is a confirmed defect in your api. @julius @ido

I added a comment: here.
and opened: https://github.com/spark/spark-sdk-android/issues/42

BTW, I can login as the user now (to Tinker for example) but the user doesn’t appear in my ORG’s console under customers. Should the 201 create on the post request to api/v1/products/orgid/customers have added that user to my org’s console?

@Lcstyle I missed a fact that customer signup has extra email field, I’ll be adding that back in next cloud sdk release.

@julius naturally the next question is what’s your ETA, I ported the project and will probably add a fix and then build my local project with my version of the SDK, no need for me to do all that if your next cloud sdk release will happen soon.

@Lcstyle Either end of this week or beginning of next one.

@julius I fixed it in this commit:

won’t issue a pull request as you’ll probably want to clean up the fix, I did test it and it did work:

04-05 14:27:06.506 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: —> HTTP POST https://api.particle.io/v1/products/intid/customers
04-05 14:27:06.506 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: Authorization: Basic
04-05 14:27:06.506 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: Content-Type: application/json; charset=UTF-8
04-05 14:27:06.506 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: Content-Length: 225
04-05 14:27:06.507 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: {“account_info”:{“business_account”:false,“company_name”:"",“first_name”:“xyz”,“last_name”:“xyz”},“email”:“emailaddr”,“grant_type”:“client_credentials”,“password”:“xyz”,“username”:“xyz”}
04-05 14:27:06.507 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: —> END HTTP (225-byte body)
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: <— HTTP 201 https://api.particle.io/v1/products/intid/customers (487ms)
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: date: Wed, 05 Apr 2017 18:27:06 GMT
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: content-type: application/json; charset=utf-8
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: content-length: 161
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: server: nginx
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: access-control-allow-origin: *
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: etag: W/“a1-GYFWM+qvaGzKzoREA+5Oew”
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: OkHttp-Sent-Millis: 1491416826624
04-05 14:27:06.994 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: OkHttp-Received-Millis: 1491416826994
04-05 14:27:06.995 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: {“token_type”:“bearer”,“access_token”:“AT”,“expires_in”:7776000,“refresh_token”:“RT”}
04-05 14:27:06.995 3714-3780/io.particle.devicesetup.exampleapp D/Retrofit: <— END HTTP (161-byte body)

BTW, the users are not being added to my console under customers:

Can someone help me troubleshoot that? Does the customer need to complete device registration before they are added to the console? See screenshot below, technically, I’ve added two customers so far.

@Lcstyle Released cloud sdk and device setup library updates fixing missing email field bug.