Hey all - I’ve read quite a bit of the particle.io site, and a few of the threads in this topic - and still think this could be clarified a bit to make it simpler for everyone to understand.
If I wanted to use particle/electron/etc to create a product - and basically have the data get to a hosted service, what is the flow?
User buys device from us? (which we’ve bought from the store and pre-flashed?)
They get device - and they have to create an account at particle, register the device, as themselves - then authorize us?
2.5. How do we create webhooks at this point? Or can we get push notified to our server some other way every time their device sends data to the cloud?
If they want new firmware (electron) we could send that OTA somehow? (Is that the new management thingy that says coming soon?)
Trying to grasp which endpoints/sdk/etc we should care about - want to draft this up at a hackathon soon
That depends on how the product is supposed to work, and how you want to control things. There are different methods available, which should all be described here. It's along read, but has some valuable information which seems to answer your questions.
If you're using a server of your own anyhow, 2 legged authentication might be interesting. The device answers to your server, which then interacts with the cloud. You should thus be in full control. Webhooks can be created, and any and all actions can go through your server anyhow.
If you manage their products, then yes. "simple authentication" wouldn't allow this, since they'd be the owners of the device (if I understood it correctly), but 2 legged authentication would allow for this, since you're the owner. Updates can then be managed OTA by either your own server, or by using the Particle Dashboard.
Hate to say it, but that link does seem like it contains much, if not all of the information you're looking for. Though I'd like to repeat it, it'd mean I'd have to go look it up and copy & paste it, at the risk of missing something you'd like to know. To that end, I'd like to wholeheartedly suggest you do take the time to read through that page, since its sole existence is based around the questions you're asking. The things I'm telling you are based of off the information that's presented there, so the must be some truth to it.
Not trying to shrug you off, but I can only tell you less than what's on that page, since that page is where I'm getting most of my information from. Not having used it before, my interpretation of it could be false, or differ from what it should actually represent. Honestly, your best bet is to give it a read, and to then ask very concrete questions, should you still have any.
Yes, this is quite likely the most common scenario.
