Skip to main content

Access

If your business needs include managing your own resources (Locations, Devices, etc.) transparently through your existing system, API access may be necessary. API access is obtained through a Service Account, and will be configured as part of account onboarding when joining SmartThings Enterprise.

Instead of traditional SmartThings consumer OAuth integrations (which are installed by a user authorizing the integration for each SmartThings Location), you may leverage the Enterprise Account feature, Service Accounts.

Service Accounts are programmatic actors with the flexibility to adapt to your system design, whether your system is monolithic or consists of globally distributed microservices.

Access the Enterprise API

After obtaining a Service Account, you will:

  1. Use your Service Account to generate an API key (up to 5) by sending a POST request to /accounts/{accountId}/serviceaccounts/{serviceAccountId}/keys.

    You may specify any expiration date for this key, up to one year.

  2. Use your API key to send a POST request to /auth/serviceaccount/token.

    You will receive a JSON Web Token (JWT) in response, valid for any specified duration up to 24 hours.

  3. Use your JWT to access all other Enterprise API endpoints.

In the next section, take a closer look at Service Accounts and how they enable access to the Enterprise API.