Send private events to devices with product endpoint


we are trying to get our backend to send private events to devices using the product endpoint API, something like this:

curl "" \
       -d "name=myevent" \
       -d "data=Hello World" \
       -d "private=true" \
       -d "ttl=60" \
       -d access_token=1234

My backend’s O-Auth client is a Two-Legged Auth (Server) client, and I get the token for this client with:

curl \
       -u <client_id>:<client_pwd> \
       -d grant_type=client_credentials

The devices subscribe to the event with:
Particle.subscribe("myevent", theHandler, MY_DEVICES);

Can someone clarify why this doesn’t work and suggest the recommended way for sending private events from the backend to the devices?

Thank you!

Product events are essentially one way from the device to the product.

In order to send a private event to a device, you need to use a customer scoped access token:

curl -X POST -u "test1-7141:8804b8cbca56e71b275fb9ebd10cada2bb515e9a" -d grant_type=client_credentials -d 
  • test1-7141 is the OAuth client ID (two-legged server type)
  • 8804b8cbca56e71b275fb9ebd10cada2bb515e9a is the OAuth client secret
  • is the customer email. Note that it really is scope=customer= email .

Once you have a customer access token you can send an event using the non-product event publishing endpoint and it will go to that customer.

Hi @rickkas7,

thank you for your reply.

I have tried using a token with a customer scope, but that doesn’t help in our use case, neither I understand how customers and products are supposed to be used together. I have followed your guide on this

Using a customer kind if deprecates the notion of product in this context. It seems I need to basically replace my product grouping with a customer grouping. If that’s the case, what’s even the point of allowing creating customers inside a product? Customers shouldn’t be allowed to be under products but only under the root organization.

What’s really not ideal about this approach is that I can’t distinguish between different clients, e.g. if I want to have two cloud applications sending private events to devices they both need to use the same “customer” because only customers can send private events and devices can only be owned by one customer…

Can you clarify the relationship customer/product?

thank you.