I’m developing an application with Particle devices where multiple users need to interact with the same device. Each user receives access to the devices they need, and this access may be revoked at any time.
I can obviously do this with my own server which manages user accounts and also makes all Particle API calls to control devices when requested by users. But this feels inefficient. If possible I would like to use the two-legged authentication implementation and a nice webapp with ParticleJS. The problem is I can’t find a way to generate a per-device access token, it seems that for a Customer to communicate with a Particle device they must first claim the device to their account and then they can use their access key.
Is there any way to generate an access token that allows a customer to interact with a device that hasn’t been claimed to their account?
Or is what I’m trying to do impossible and I have to go for the inefficient approach?