Netatmo is removing the Client Credential authentication by October 2022

[djiwondee]

Helly everybody,

I guess this plugin is using the Netatmo API as for example other node-red-contribs, e. g.

• https://github.com/ssadams11/node-red-contrib-netatmo
• https://github.com/guidone/node-red-contrib-netatmo-dashboard

I wonder what will you do by end of October 2022. Netatmo is removing the Client Credential authentication:

Netatmo API Security Update

Dear Netatmo developer,

To improve the security of our products, we inform you that the Client Credentials grant type method will be completely removed. It will no longer be possible to authenticate with the username and password of the user.

The effective date of this update is October 2022.

How can you authenticate with Netatmo API ?
From this date, the OAuth2 authorization code flow must be followed for authentication.

They intend to switch to OAuth2 only, where tokens will expire after 3 hrs.

• https://dev.netatmo.com/apidocumentation/oauth#authorization-code
  So reauthenticate within node-red would probably require user interaction and redeployment (every 3 hours...).

There are some interesting reading of issues in both of the contribs mentioned above:

• Netatmo API Security Update - is the node ready? ssadams11/node-red-contrib-netatmo#27
• API change - OAuth2 authorization from October possible? guidone/node-red-contrib-netatmo-dashboard#19

But a solution isn't at the horizon right now...

@planetk Do you plan to update / rewrite this plugin?

[sorriso93]

no news I imagine...

[djiwondee]

I wonder, this Netatmo contrib is still working. No glue whether Netatmo has activated this breaking change!

[julien94800]

Hello, this issue has been covered in issue #62, so it's now working with new authentication method on last plugin version

[julien94800]

Oups sorry i just noticed it's an other repo. The repo who managed this issue is the one from Skrollme, Homebridge eveatmo plugin