Michael Helped a lot with the issue and he found out that they recently changed the TTL for the step 1 code to 20 seconds. Authentification must then be done with a script in order to be fast enough. Here's an example providing that you can setup a local apache server on port 4200 or add another valid "Redirect URI" of your choice to the API client. index.php file accessible at http://localhost:4200 <?php $clientid='xxx'; //your actual client id $code_verif='2e21faa1-db2c-4d0b-a10f-575fd372bc8c-575fd372bc8c'; //viessmann's working code verif example $url = 'https://iam.viessmann.com/idp/v2/token'; $data = array( 'grant_type'=>'authorization_code', 'client_id'=>$clientid, 'redirect_uri' => 'http://localhost:4200/', 'code_verifier' => $code_verif, 'code'=>$_GET['code']); $options = array( 'http' => array( 'header' => "Content-type: application/x-www-form-urlencoded\r\n", 'method' => 'POST', 'content' => http_build_query($data) ) ); $context = stream_context_create($options); $result = file_get_contents($url, false, $context); var_dump($result); ?> After that just call https://iam.viessmann.com/idp/v2/authorize?client_id=###your actual client id###&redirect_uri=http://localhost:4200/&response_type=code&code_challenge=2e21faa1-db2c-4d0b-a10f-575fd372bc8c-575fd372bc8c&scope=IoT User offline_access from a browser (don't forget to change ###your actual client id### to the correct value, the code_challenge value is the one from viessmann's example (a working one). After you log in with your viessmann account it'll redirect to your localhost:4200 script and get you the step 2 access and refresh token. Hope it helps 🙂
... Mehr anzeigen
