OAuth questions

Hoping someone can set me on the right path here. I'm trying to complete OAuth authentication with a web service that requires a whitelisted redirect URI. On SmartThings, the documentation states that it should always be https://graph.api.smartthings.com/oauth/callback, which works fine since I can add that to the whitelist and everyone is happy.
With HE, it seems (at least from examples I've stumbled across) that I may need to use a URI that is specific to each installation, which doesn't really mesh with the suggested best practices for OAuth since the service would have to allow whitelisting URI patterns.

So...what is the "correct" redirect_uri to use?
Is ST acting as a proxy for those callbacks or am I misunderstanding the OAuth flow? (yes, they are)

Can anyone confirm if the callback endpoint must be hub/app specific or if there is something like a https://cloud.hubitat.com/oauth/callback that I can use?

@chuck.schwer would probably know best...

We have not implemented those endpoints in our cloud yet. For your web service, does it require the entire redirect uri is in the whitelist? I know some services can validate just the beginning, ie: "https://cloud.hubitat.com/api" if that is the case then that would get you over the hump. I'm looking for a good example I can test with to get this implemented. Is the service you are using available to the public and does it have an ST implementation?

1 Like

It’s Spotify. When I tried a partial URL, it didn’t work. I believe they require the entire path. It will have an implementation shortly :slight_smile: I’ve been hacking away at it in between actual work tasks, so it’s not feature complete or pretty, but the OAuth part is more or less done.

Ok, if you can send it my way, I can play with it to see what it would take to get the static urls to work on our service endpoints.

Just tested it with a partial URL. “Invalid redirect URI”
GitHub link

I’ll leave that branch as-is for now so as not to break things.

It’s still very ST centric at the moment while I work out all the details.

I'm too blocked on a service that requires full redirect url validation

Can you share if this is near-term or farther out on the roadmap?

I started looking into this for the same reasons @mitchp is and am interested in the current state as well.


For what it's worth I got to this page because I'm trying to make mitchp's spotify app work in Hubitat and am running into this issue too.

This is still on my 'project list'. Unfortunately, it's on there after all the other home projects. I gave up on there ever being redirect akin to ST's, so I'm reworking it. It'll require everyone who wants to use it to sign up for a Spotify dev account and whitelist their specific HE URL (which changes if you remove/reinstall the app...), so it's quite clunky. :confused:

This is probably very low priority for HE given the local focus of the product and I totally understand.

1 Like

Finally getting some time to get back to 'fun' projects. Just wondering if there have been any notable changes to the cloud OAuth process (static URLs maybe?) so I can rework things accordingly.

+1 I am trying to port a app that requires OATH call back uri as well and I dont seem to figure it out. here is the example @chuck.schwer

Did you ever get this figured out? I'd like the Remotsy app ported to Hubitat as well.

I, too, am looking for a Hubitat solution for this.

I would like to port this over to trigger on various holidays: GitHub - infofiend/GCal-Search: Re-Release of mnestor's G-Cal Search App

Huzzah! At some point, a static redirect was implemented! The docs have been updated accordingly. My GitHub is in a sorry state :pensive:, but I will push an example and update this post. Otherwise, I found a good example here.

Edit: Spotify Connect Example

Hallo @mitchp

A few days ago I installed Spotify Connect. And it can control my spotify. But why now I can not control it?. But I know what's playing on spotify and what the volume level is.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.