Products and Application Users

In this section we will create a product to represent the class of device in the weather station scenario, from which all instances can be created and share the same metadata. After that, we will create an Application User who will create and manage the devices they actually own.


## Creating a Product

Within a project, product resources are used to model classes of objects, and can be thought of as SKU-level data, or an object template. Products should contain all data that is common to all instances of the object type they represent, such as size, weight, color, model number, etc.

We will create a product now using the Operator API Key (as the manager of the account) to represent the model of our weather station. This is done using a POST /products request. At the same time, we will make sure it is scoped to the correct project to limit visibility using the project query parameter and the project ID.

Substitutions: :projectId

curl -H "Content-Type: application/json" \
  -H "Authorization: $OPERATOR_API_KEY" \
  -X POST 'https://api.evrythng.com/products?project=:projectId' \
  -d '{
    "name": "Atmospheric Evaluator",
    "description": "The third generation weather station device.",
    "photos": [
      "https://upload.wikimedia.org/wikipedia/commons/1/1b/Anemometer.jpg"
    ]
  }'
HTTP/1.1 201 Created
Content-Type: application/json

{
  "id": "UGfRNStEVDPat5waamA9gtXr",
  "createdAt": 1498468855054,
  "updatedAt": 1498468855054,
  "description": "The third generation weather station device.",
  "fn": "Atmospheric Evaluator",
  "name": "Atmospheric Evaluator",
  "photos": [
    "https://upload.wikimedia.org/wikipedia/commons/1/1b/Anemometer.jpg"
  ]
}

## Create an Application User

Now that the account, project, application, and product modelling the weather station device have been created, we need to create Platform resources modelling the actual weather station devices themselves. Since these will belong to/be managed by users of the mobile app, the requests to the API should be authenticated with the user’s Application User API Key, which has more appropriate sets of permissions centered around managing individual resources. In a real-world scenario, this change in authentication key represents the user creating their own Thngs after logging into the brand app.

Create an Application User using the Application API Key you made a note of earlier, or use a GET projects/:projectId/applications request to find it again. Make a POST /auth/evrythng/users request to create the user resource. Each user must supply at least their first name, last name, an email address, and a password.

curl -H "Content-Type: application/json" \
  -H "Authorization: $APPLICATION_API_KEY" \
  -X POST 'https://api.evrythng.com/auth/evrythng/users' \
  -d '{
    "firstName": "Brick",
    "lastName": "Tamland",
    "email": "[email protected]",
    "password": "s0m3p455w0rd"
  }'
HTTP/1.1 201 Created
Content-Type: application/json

{
  "evrythngUser": "U3Carr4FBDPw9pwRaDpb4s6s",
  "activationCode": "ZSBheeCF",
  "status": "inactive",
  "email": "[email protected]"
}

This is a two part process, in which the Application User will not receive an Application User API Key until their account is activated. In a real application, this is commonly achieved using a verification email, but for now, we will do this immediately using the API.

The Application User is activated by returning the activationCode value to the API in a POST /auth/evrythng/users/:evrythngUser/validate request.

Substitutions: :evrythngUser, :activationCode

curl -H "Content-Type: application/json" \
  -H "Authorization: $APPLICATION_API_KEY" \
  -X POST 'https://api.evrythng.com/auth/evrythng/users/:evrythngUser/validate' \
  -d '{
    "activationCode": ":activationCode"
  }'
HTTP/1.1 201 Created
Content-Type: application/json

{
  "status": "active",
  "evrythngUser": "U3Carr4FBDPw9pwRaDpb4s6s",
  "evrythngApiKey": "pCAHvdKAvei4jZCmt25aYxgz4AC1354gUx26Roy2j..."
}

The Application User is now activated, and their Application User API Key can be seen in the final response. This is the API key to use to manage resources that user should see and interact with within the project. Make a note of this API key now. We will use it in the next section.