invalid access token
I try to create an app that can at least read the weather data from my netatmo. I managed to create the login flow and I get back an access_token and a refresh_token.
However each endpoint I call returns a 403 / invalid access token, even if i provide the newest token.
Even refreshing tokens gives me the same error, what can I do?
Comments
18 comments
I tried with a token I generated through the website to no avail. Then I created a new application, created a token and it seems to work. Solved my problem for now but I am a bit worried about the stability of Netatmo auth.
BTW, is there a way to delete an obsolete application?
Same problem; same question
Hello,
Seems like some applications are buggy recently. They correctly generate the first access/refresh_token pair, but these values are invalid
As you said, the solution is to create a new developer application. I'll report the problem to Netatmo devs
You can't totally delete an unused app from your interface. I advise you to deactivate it with the slider in the app's details
Have a good day,
Leslie - Community Manager
Hello,
I'm bumping this thread because I still seem to have the exact same problem. All of the authentification process works fine but the newly generated token doesn't work and the API returns the invalid access token error.
Edit: removing some scopes fixed my issue but I can't add too many different scopes
Hi Marc,
Thanks for the feedback. Could you please send me the exact scope list you tried ? I'll see on my side if I can reproduce the problem
Have a good day,
Leslie - Community Manager
I am having this exact problem, the only scope I am using is read_station. It was returning invalid access token for me but for other users the app was working fine, resetting the client ID and secret did not work but creating a new application did.
Hi there,
I have a similar problem, I do get a credential token, when I use my Access_Token / Refresh_Token created, but get a 403/Forbidden when requesting GetStationData() or GetHomesData().
If I then create a new Token for the App with read_station and read_homecoach scopes, I then receive new Access and Refresh tokens, which will work for a while (appx. 2-4 hours) then we are back to the 403 / forbidden again.
I can see the expiration time of the credential token is appx. 20 seconds, is that correct?
/NielsK
I'm having the same problem with an RTI automation system. It used to work but now it doesn't. Yes, the login/password has been verified multiple times to be correct. It works when logging into the Netatmo web site. What to do?
Hello,
Same issue for me. The access token always expires a few hours later.
Is there a proper/correct documentation to setup an app without having to perform regular manual steps ?
Thx
Hello,
Same problem here.
Thanks
Weird, seems we are struggeling with the similar issue.
I have tried for days to get new/correct tokens from the dev.netatmo.com app page.
My problems started last week after a loooong stable period (years) when I had to move my app to a new Raspberry.
Then I did a reset for the app with new Client ID, Client Secret plus the access and refresh tokens. Since this I have tried several times to regenerate without any luck.
Both https://chat.openai.com/ and copilot now starts to sugest I shoul use only the first part (before the "|" character) of access and refresh tokens. This must be AI halusination, or is it some facts in it?
I'm getting mad!
I gave up and generated a new app. This gave me access to my Netatmo data trough the API....
Hello,
I've create a new app as well but it doesn't help ... I keep getting :
Hello,
"Both https://chat.openai.com/ and copilot now starts to sugest I shoul use only the first part (before the "|" character) of access and refresh tokens. This must be AI halusination, or is it some facts in it?" <= no, of course the whole token characters must be used
For people struggling to get a first pair of access/refresh_token via the "classic" way, indeed the best is to generate a first working pair via the token generator (available here : https://dev.netatmo.com/apps/). Then, you can just apply the refresh_token process by storing and using the latest generated refresh_token value in your /token calls
Have a good day,
Leslie - Community Manager
Hi Leslie,
I have a backend server which is running 24/7, whenever I create from your website the couple access and refresh token everything works as long as the server is running, the access token is used and then the refresh token is used and when expired is refreshed and keeps working. The problem is when I need to restart the server after few days for any reasons, then the access token is expired and I need to get back to your website to generate another one which makes this scenario unusable.
Maybe I did not clearly understand your last message but if there a way to keep it working after a server reboot please let me know thanks
Claudio
Hi
as everyone here i'm trying to build my on app but i have the invalid access token.
Leslie, you suggest to create the key pairs from dev console and then refresh it but this is not possible if you want a redirect_uri. So the suggestion is good, but only momentaneus.
I see this post has 4 months, do the netatmo devs working on this issue?
It's a seriuos issue thinking to the cost of the devices.
Thanks
Bogdan
the solution is as Leslie reported up here in this thread :
For people struggling to get a first pair of access/refresh_token via the "classic" way, indeed the best is to generate a first working pair via the token generator (available here : https://dev.netatmo.com/apps/). Then, you can just apply the refresh_token process by storing and using the latest generated refresh_token value in your /token calls
:
Hello Bogdan,
It's not mandatory to set a redirect_uri in your app's parameters on the dev website. You must only declare it in your /authorize request
If you delete it, the token generator tool will be available
Have a good day,
Leslie - Community Manager
Please sign in to leave a comment.