Glossary
Eliot devices
Term | Description | Examples |
---|---|---|
Plant | A location | A house, an apartment, … |
Ambient | A room | Living room, bedroom, … |
(Ambient) Module | A precise device | My first light, my second Céliane plug, … |
(Ambient module’s) Plug | An individual plug in a room | The plug of the house’s kitchen |
Device | A logical type of device | Light, plug, lock, … |
Device system | The family to which the device belongs | Energy management, lighting, … |
Gateway | The device which is directly connected to the IoTHUB | Céliane with Netatmo, Smarther, … |
OAuth2 authentication process
Term | Description | Examples |
---|---|---|
Scope | OAuth 2.0 scopes provide a way to limit the amount of access that is granted to an access token. For example, an access token issued to a client app may be granted READ and WRITE access to protected resources, or just READ access. You can implement your APIs to enforce any scope or combination of scopes you wish. So, if a client receives a token that has READ scope and tries to call an API endpoint that requires WRITE access, the call will fail. | Get the state of plugs (plug.read), Control plugs (plug.write), Change comfort parameters (temperature setpoint,…) (comfort.write) |
Application ID (client_id) | The unique authentication code of your application. You can find it in “My applications” by clicking on “Details”. | 3dd29288-cy59-41fa-b492-d8f8289149e7ed |
JSON Web Tokens (JWT) | An open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. It is used for authentication and information exchange. | |
Client secret (client_secret) | A unique code sent by email when your application is approved. Keep it safe, because it cannot be sent to you again. | p+.3tog736W52,f~73P3Dt2r |
User consent | In order to use your application, the user must approve the scopes you defined. User consent is requested just once, on the first connection, and again each time you change the scopes. | |
OpenID Connect protocol | Built on top of OAuth 2.0, it addresses security concerns that OAuth 2.0 leaves open. It adds a new type of token, called id_token, that can be seen as an ID card of the user. The format of this token is strictly defined to comply with the JWT standard: in short, a JSON-formatted, base64-encoded and signed token. | |
Id token (id_token) | An id_token cannot be used for API access. Each token contains information on the intended audience (recipient). According to the OpenID Connect specification, the audience (claim aud) of each id_token must be the client_id of the application making the authentication request. | eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsI… |
Access token (access_token) | Access tokens are what applications use to make API requests on behalf of a user. The access token represents the authorization of a specific application to access specific parts of a user’s data. | eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZ… |
Refresh token (refresh_token) | A refresh token is a special kind of token that can be used at any time to obtain a renewed access token, which allows accessing a protected resource. You can request new access tokens until the refresh token is blacklisted. Refresh tokens must be stored securely by an application because they essentially allow a user to remain authenticated forever. | eyJraWQiOiJjcGltY29yZV8wOTI1MjA… |