Login for User /// Login for Firmware updates and Logs

Hey! (first post :slight_smile: )

I’m using Photon for a while and was pretty sucessful up to now with the Particle documentation, but there is something quite basic I cannot really figure out. So I will be posting this in the Getting started section, please feel free to move to another section if that’s more fitting.

I’m developing a product where I want user to have access to Particle.functions and Particle.Variables via iOS and Android-Apps as well as WebApps. So far so good and I’m getting that done. But I want to also be able to push updates to the shipped devices.

My simple ideas was, that in the console you can create a product (and add devices) under the company account to manage the devices. Later when the user activates the product he can still claim it with his/her App and user account.

So essentially a separation between user account and device management account. Somehow I can’t find how to do that. Please help! :+1:

Once it is a product, it should be claimed under the creator’s account. Otherwise, you essential “lose” control of the device once the user claims it.

OK, but how does the customer access function then? Just via DeviceID and Token? That would be kind of complicated.

Would be very comfortable if there would be a user and a magement/admin/company accout for each device.

@jeiden should be the best person to help with the product related questions :wink:

1 Like

Hey @WiB,

This is exactly what customers are for. Customers are a special type of Particle account that are end-users of an IoT product. I’d encourage you to check out the authentication section of the product creator guide to get an in-depth understanding of how this all works.

Feel free to follow up with any questions you may have.



1 Like

Hi Jeiden,

Just a couple of quick questions about customer tokens. I’m using simple Oauth in an app.

Confusing thing 1:
My customer comes to use their app after 3 months by which point their customer scoped token has expired. How do I handle this? My app figures out what’s happened and asks them to log in again. I don’t just hit the create customer - client credentials end point again? There must be a more specific log in end point that I should use? Otherwise, I’l just end up creating thousands of customers? And I really don’t want to confuse the customer by creating a new account by accident when they mis-spell their password. I’ve got to be missing something here. Edit: I think I got it… I hit the GENERATE AN ACCESS TOKEN end point with my client ID & Secret, and my customer email and password and grant-type=password don’t I?

Confusing thing 2:
My customer is a dumbo and forgets their password. They click the “forgot my password” button. how do I handle this? Do I get them to type in their username and then hit the
update customer password end point. What happens then? Do I need to generate an email to them including the generated passphrase (that I just sent to your servers) or do your servers generate this email? And does this mean I need to be more specific in that the “user name” must actually be their email address, to cater for this eventuality.

Many thanks,


Hi all.

I was planning to base my app on the Cloud API and simple Auth. But it strikes me that while the functionality is definitely there, looking at the JS SDK docs, it’s not documented in the cloud API. Am I flogging a dead horse trying to drive an app by directly hitting the API? Is the only viable option to use one of the SDKs (JS in my case)?

The other option is actually use 2 legged just to get more control over the Auth process. So, I have fewer Particle considerations to worry about? Thoughts?

Would love to get this straight so I can put my energy in the right place. Thanks forum!


I’d like to pull in @rickkas7 to help out here