FAQ
abbrechen
Vorschläge aktivieren
Mit der automatischen Vorschlagsfunktion können Sie Ihre Suchergebnisse eingrenzen, da während der Eingabe mögliche Treffer angezeigt werden.
Suchergebnisse werden angezeigt für 
Anzeigen  nur  | Stattdessen suchen nach 
Meintest du: 
Anmelden
Neuer Nutzer? Jetzt registrieren
Beantwortet! Gehe zur Lösung.

Problems getting the access token

I am observing problems getting the access token as described in the developer portal.

 

Intitially I am trying to get the token manually by http requests in order to understand the procedure, the final goal is to implement the whole procedure into openHAB using rules and later maybe a complete binding (i.e. create a standard interface from openHAB to the Viessmann API useable for others as well).

 

My current problem/question:

 

I managed to get past Step 1 and received a code using the posted http request like:

https://iam.viessmann.com/idp/v2/authorize?client_id=my_oauth_client_id&redirect_uri=http://localhost:4200/&response_type=code&code_challenge=my_code_challenge&scope=IoT%20User

 (my_oauth_client and my_code_challenge are replaced with my actual values).

Using the received code I posted:

https://iam.viessmann.com/idp/v2/token?client_id=my_oauth_client&redirect_uri=http://localhost:4200/...

I used the same string for My_code_challenge in both cases (in my understanding without setting code_challenge_method this should be correct).

From such I always get:

{"error":"invalid-authorization-request"}

 

What am I doing wrong?

  • I tried to send the second request as fast as possible (at least within a minute). Am I to slow?
  • The developer portal showed only a cURL example for the second request, is my selfmade https string wrong?
  • ....

As a follow up question, the to be received API token has a setting of

"expires_in": 3600

 Is that seconds or minutes?

‎19.06.2021 13:10
JueBag
Experte II
0 Likes
1 AKZEPTIERTE LÖSUNG

Akzeptierte Lösungen
Beantwortet! Gehe zur Lösung.

Hi @JueBag ,

 

within the second step (Authorization code exchange), have you set the parameter within the header?

-H "Content-Type: application/x-www-form-urlencoded"

Also, make sure to send a POST request. 

The expiration time of the token is in seconds. However, you can create a refresh token, which helps you obtaining a new access token much easier, as you do not need to do step 1 (Authorization request) anymore. You find the explanation for the refresh token here: https://developer.viessmann.com/en/doc/authentication (Refreshing an access token)

Hope this helps. If you have further questions, let me know.

Best,

Michael

Lösung in ursprünglichem Beitrag anzeigen

‎21.06.2021 8:19
Als Antwort auf JueBag
MichaelHanna
Viessmann
Viessmann
9 ANTWORTEN 9
Beantwortet! Gehe zur Lösung.

I am missing: "grant_type=authorization_code"

‎20.06.2021 20:34
andreas13
Profi
Beantwortet! Gehe zur Lösung.

Thanks for the input, however using:

 

https://iam.viessmann.com/idp/v2/token?grant_type=authorization_code&client_id=my_oauth_client&redir...

 

I'm getting 

{"error":"invalid-token-request"}

as well.

‎21.06.2021 7:40
JueBag
Experte II
0 Likes
Beantwortet! Gehe zur Lösung.

Hi @JueBag ,

 

within the second step (Authorization code exchange), have you set the parameter within the header?

-H "Content-Type: application/x-www-form-urlencoded"

Also, make sure to send a POST request. 

The expiration time of the token is in seconds. However, you can create a refresh token, which helps you obtaining a new access token much easier, as you do not need to do step 1 (Authorization request) anymore. You find the explanation for the refresh token here: https://developer.viessmann.com/en/doc/authentication (Refreshing an access token)

Hope this helps. If you have further questions, let me know.

Best,

Michael

‎21.06.2021 8:19
Als Antwort auf JueBag
MichaelHanna
Viessmann
Viessmann
Beantwortet! Gehe zur Lösung.

@MichaelHanna 

My trials to send a "POST" request solely with the browser didn't work, using POSTMAN I got my token.

 

Danke!

 

Follow-Up Question:

Will the Refresh-Token stay the same over time, or did I get the same on my second request just because it was within a short time?

‎21.06.2021 9:10
JueBag
Experte II
0 Likes
Beantwortet! Gehe zur Lösung.
Verschoben:

Verschoben: https://community.viessmann.de/t5/forums/forumtopicpage/message-uid/178699#U178699

Der Beitrag wurde automatisch verschoben.

‎21.06.2021 13:43
Als Antwort auf JueBag
CustomerCareBen
Viessmann
Viessmann
0 Likes
Beantwortet! Gehe zur Lösung.

Hi,

 

the above link doesnt work.

 

I have a problem with this line:

 

curl -X POST "https://iam.viessmann.com/idp/v2/token" -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=authorization_code&client_id=xxxxxxxxxxxxxxxxxxx&redirect_uri=http://192.168.1.199:8123&code_verifier=yyyyyyyyyyyyyyyyyyyyyyyy&code=zzzzzzzzzzzzzzzzzzz"

 

the code i've got already. It was not easy because the redirect_uri redirects immediatellay to an other site and i had to be very fast with the screeenshot :)...finally i've got it, but I get with the above curl a response:

 

{"error":"invalid-token-request"}

 

why? what is wrong?

 

and why it is so complicated: request via url, curl, tokens, client_id, code_verifier, codes, logins? It is an access for my-all-live-savings in a super secure bank? why the client_id is not enough?

 

regards

Andrzej

‎18.10.2021 16:55
Als Antwort auf CustomerCareBen
nigolcabej
Erster Login
0 Likes
Beantwortet! Gehe zur Lösung.

@nigolcabej  schrieb:

 

 It was not easy because the redirect_uri redirects immediatellay to an other site 


You did set that url! Why didn't you use localhost?

 

‎18.10.2021 19:35
Als Antwort auf nigolcabej
JueBag
Experte II
0 Likes
Beantwortet! Gehe zur Lösung.

Hi,

 

to get the "code" and it have been worked with this url. so it doesnt matter, i suppose, what is the redirect_uri. Why i'm getting the {"error":"invalid-token-request"}?

 

Regards

‎18.10.2021 21:56
Als Antwort auf JueBag
nigolcabej
Erster Login
0 Likes
Beantwortet! Gehe zur Lösung.

Hi, 

I'm a bit puzzled... I also get "invalid-token-request" when trying this on the command line.

 

Here is my script:

#!/bin/bash

export client_id="client_id"
export redirect_uri="http://localhost:4200/oauth-callback"
export challenge_id=$(cat /proc/sys/kernel/random/uuid)
export email="email"
export password="password"

# Authorize and get code for further request
curl -X POST "https://iam.viessmann.com/idp/v2/authorize?client_id=$client_id&redirect_uri=$redirect_uri&response_..." \
-d "hidden-password=00&stayloggedin=Angemeldet bleiben&submit=Login&isiwebuserid=$email&isiwebpasswd=$password" \
-o login.html
export code=$(grep $redirect_uri login.html | sed -E 's/(^.*code=)([^"]*)(.*)/\2/g')

# get access token
curl -H "Content-Type: application/x-www-form-urlencoded" \
-X POST "https://iam.viessmann.com/idp/v2/token" \
-d "grant_type=authorization_code&code_verifier=$challenge_id&client_id=$client_id&redirect_uri=$redirect_uri&code=$code" \
-o access_token.json

 

Am I missing somehting and cannot see it?

 

‎02.11.2021 11:23
MrAnderson
Profi II
0 Likes

Weitersurfen

abbrechen
Vorschläge aktivieren
Mit der automatischen Vorschlagsfunktion können Sie Ihre Suchergebnisse eingrenzen, da während der Eingabe mögliche Treffer angezeigt werden.
Suchergebnisse werden angezeigt für 
Anzeigen  nur  | Stattdessen suchen nach 
Meintest du: 
Anmelden
Neuer Nutzer? Jetzt registrieren