New(ish) API docs for oauth seem pretty whack


#1

I’ve noticed a few problems with the API docs, but the issue that made me open this topic is as follows:

For https://api.lockitron.com/oauth/token:

  1. expires_in is listed in the docs as one of the values returned in the hash, but in my testing, it is non-existent. For your debugging purposes, the provided POST:
    https://api.lockitron.com/oauth/token?client_id=REDACTED&client_secret=REDACTED&code=REDACTED&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fgraph.api.smartthings.com%2Foauth%2Fcallback

  2. The grant_type explanation is whack and needs revisiting. It talks about an authentication_code which is not accurate. The required value is authorization_code.

For https://api.lockitron.com/oauth/authorize:

  1. Similar issue, but for response_type. The docs suggest a value of authentication_code but for this one, the appropriate value is code.

#2

@jamesmeador thanks for the corrections - there are a few things I would like to update on our OAuth implementation but we want to keep things stable as folks build against it.