ym88659208ym87991671
Account linking and getting tokens process | Documentation for developers

Account linking and getting tokens process

Last updated on November 24, 2024

Account linking is the process of linking the user's Sber ID account with his/her account in your system. As the result, Sber Smart Home receives the access token which it can use to send commands to your cloud. The token is received via the standard OAuth 2.0 protocol.

Be careful when setting the lifetime of access_token and refresh_token. The refresh_token lifetime must be significantly longer than the access_token lifetime and must be at least 1 hour. The recommended refresh_token lifetime is five times the lifetime of the access_token.

Account linking process:

  1. In the Salute app, the user opens the device management section and selects the right vendor, i.e. you.
  2. The app displays your authorization form – you indicate its address in SmartMarket Studio.
  3. The user enters the login and password. Your authorization server verifies their validity. If everything is OK, the server returns the token receipt code.
  4. Smart Home uses the code received, as well as your Client ID and Secret ID and sends queries for issuance of user access token and refresh token. It then saves these tokens. You indicate your Client ID и Secret ID in SmartMarket Studio, queries will be sent to the token issuance endpoint that is indicated there, too.

Permitted return URLs:

  • https://gateway.iot.sberdevices.ru/gateway/v1/binder/backward — for production.
  • https://gateway-ift-le.iot.pd.sberdevices.ru/ — for debugging integration.
Sber process cookies only to personalize services according to Cookies Usage Policy. You can prevent the processing of cookies in your browser settings.