How exactly does authentication work?

I am planning on using curl to call functions on the photon from linux.

I understand that before I can call a function, I need to authenticate using a command like this:

$ curl \
     -d access_token=9876987698769876987698769876987698769876

I understand that only after doing this, I can call a function normally like this:

$ curl -d arg="ZEN PLEASE" -d access_token=1234

But how does it happen? How does it know who is authenticated and who is not?

Does it store a file on the computer?

Ahm, no!?

The access_token parameter in the second command is all you need.
Although it should rather be

$ curl -d access_token=<putYourAccessTokenHere> -d "args=ZEN PLEASE" 

The first command just looks like the demo call from the dics that’d call an exposed Particle.function("brew", ...) without argument - it hasn’t anything to do with autentication and has no relevance for the subsequent call.

1 Like

Oh so It is all in one command. On the cloud documentation it looked like they were separate. Thank You.

Now it makes more sense.

1 Like

Hi ScruffR,

I have a created a Product in the console with two devices. One device belongs to my Particle Account, the same account that holds the said Product. I’ve set it as my development device. The other device belongs to a sample customer I created.
Both devices have this firmware that has a particle cloud function "BED"
Now, I called the said function o both devices following this example:

-d arg=“ZEN PLEASE”
-d access_token=1234"

and it worked.

Then I tried calling the function using this example:
-d arg=“ZEN PLEASE”
-d access_token=1234

But it didn’t work this time. I wonder why. I have edited the sample and filled in the 4-digit productId as seen from the console. I have also used the device ID of each device belonging to my Particle account and my sample customer’s account with their respective access tokens. The access token I’ve used for my Particle account is the one found in Build. The access token I’ve used for the sample customer’s account is an access token I’ve generated for that account.

On the docs,
It says here that: "Without these credentials, calls to POST /v1/orgs/:orgSlug/customers will fail."
So I even tried adding extra arguments on the call:
-d client_id=xxxx
-d client_secret=xxxx
-d password=xxxx

But still, nothing didn’t worked
The reply from the cloud would always be: {“ok”:false,“error”:“Organization not found for user’s role.”}

I looked for answers in the community and got to this thread.
I hope you ave some idea on this problem of mine.

Btw, I am actually making batch files for particle calls that is why I am trying to test out the different curls in the reference for the Cloud API.

Thanks in advance!


I’ll hand this over to @tylercpeacock

1 Like

Have you also changed the “gong” part?

Yes. I have replaced it with “BED”. Using the access token in my Particle Account,

curl -d arg=“HEADUP 5500” -d access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx8bd

works. But,

curl -d arg=“HEADUP 5500” -d access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx8bd

doesn’t work :frowning:
It says: {“ok”:false,“error”:“Organization not found for user’s role.”}