API REST Refresh Token
Hello,
The Netatmo API authentication method changed a few months ago.
From now on the RefreshToken changes regularly, which is a good thing for the security of the APIs but which unfortunately leads to changes on the client side which make the APIs unusable.
In my opinion, there is no way of renewing/recovering the "RefreshToken" from a ClientID/ClientSecret, as other OAuth2 APIs with the same workflow offer.
Here's a concrete customer case that shows why this new authentication mode is incomplete.
In this case, we configure our application with an initial RefreshToken (from the Netatmo portal).
With this RefreshToken we request an AccessToken which will have a lifetime of 3H.
At the same time as the AccessToken is returned, a new RefreshToken is returned.
The solution is to store this RefreshToken on disk.
The next time our application is restarted, the AccessToken will be invalid and we'll use the RefreshToken stored on disk to get a new one.
Where it gets tricky is if another application has used the RefreshToken or in the case of a distributed application (which is our case). In short, following the OAuth2 recommendations with a way of retrieving the RefreshToken from the ClientId and ClientSecret seems necessary in order to satisfy the integrators of your solutions.
As things stand, we've decided to remove the Netatmo and Legrand ranges from our catalogue in order to meet the needs of integrators.
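The store-on-disk approach described in the post, extended so that several processes on one host share the rotating RefreshToken instead of invalidating each other's copy. This is an added example, not code from the original post or from Netatmo: `TokenStore`, the `exchange` callable (which would wrap the real token request) and the reply field names are assumptions. It relies on POSIX `fcntl` locking, so it covers a single host only.

```python
import fcntl
import json
import os
import tempfile
import time


class TokenStore:
    """Share one rotating refresh token between processes on one host."""

    def __init__(self, path, exchange, skew=60):
        self.path = path          # JSON state file holding the current tokens
        self.exchange = exchange  # hypothetical callable: refresh_token -> reply dict
        self.skew = skew          # renew this many seconds before expiry

    def _save(self, state):
        # Write a temp file, then rename it over the old one: a crash never
        # leaves a half-written file that loses the only valid refresh token.
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(self.path) or ".")
        with os.fdopen(fd, "w") as f:  # mkstemp creates the file with mode 0600
            json.dump(state, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, self.path)

    def seed(self, refresh_token):
        """Store the initial refresh token obtained from the portal."""
        self._save({"refresh_token": refresh_token, "access_token": None, "expires_at": 0})

    def access_token(self, now=None):
        now = time.time() if now is None else now
        # Exclusive lock: only one process at a time may spend the refresh token.
        with open(self.path + ".lock", "w") as lock:
            fcntl.flock(lock, fcntl.LOCK_EX)
            with open(self.path) as f:  # re-read under the lock, a peer may have rotated
                state = json.load(f)
            if state["access_token"] and state["expires_at"] - self.skew > now:
                return state["access_token"]
            reply = self.exchange(state["refresh_token"])
            self._save({
                "refresh_token": reply["refresh_token"],
                "access_token": reply["access_token"],
                "expires_at": now + reply["expires_in"],
            })
            return reply["access_token"]
```

Processes on different hosts would need the same read-check-rotate-write sequence against a shared store that offers an equivalent exclusive lock.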
Comments
4 comments
I completely agree with this comment. After I spent a lot of money to buy your hardware to integrate in my developments, now I can't use it. This is frustrating. The device is mine; why do you decide the security level for me?
Yes, same problem here. Why change something that wasn’t really broken? Large number of web users now without access to their own data via my app.
What's most distressing is Netatmo's failure to respond and offer a solution to its community/customers.
For me, it's an admission of failure: their cyber-security trainee/expert has driven them into the wall.
I second this problem. Please provide a fix! Thank you.