• Docs
Show / Hide Table of Contents
  • Introduction
  • OneSense.io
    • Agreement Service
    • Login
    • Home page
    • GeoConfiguration
      • Regions
      • Locations
    • Devices
      • Device Profiles
      • Devices
      • Device Config
      • Device Groups
      • Pump Controller
      • Device Anomalies
    • Dashboards
      • Dashboards
      • Dashboard Templates
    • Operations
      • Rules
      • Sliding Window Rules
      • Timer Rules
      • Snowflake Rules
      • Alerts
      • Actions
      • Device Updates
    • Analytics
      • Device Availability
      • Device Alert Dashboard
    • Assets
    • Administration
      • Users
      • Roles
      • Subscription
      • Settings
      • External Applications
  • OneSense BLE Application
    • OneSense BLE App
  • OneSense Monitoring Station
    • Assembly Guide

External Applications


The External Applications section allows you to register and manage third-party integrations that can securely access your device data. Each external application is issued a unique Client ID and Client Secret for authenticated access.


Alt Text


Alt TextThe External Applications page displays all registered applications in a table with the following columns:

  • External Application Name
  • Created At – date and time the application was registered
  • Status – current state (Enabled / Disabled)

Create New Application

Alt TextClick the Create New External Application button on the top-right of the page.


Alt Text


Alt TextIn the creation form, fill in the required fields:

  • Application Name – Enter a unique, descriptive name for the external application.
  • Expiration Date – Select the date on which the application credentials will expire.
  • Include Anomalies - Currently reserved for future functionality
  • Device – Select devices whose data the application can access.
  • Device Groups – Optionally select a device group to include all devices within it

Alt TextClick Save to register the application.

Upon successful creation, a confirmation dialog will appear displaying the application credentials:


Alt Text


Alt TextThe dialog shows the Client ID and Client Secret for your new application.

Alt TextUse the eye icon buttons to reveal/hide the values, then copy them to a secure location.

NOTE: Please copy and securely store the secret key for future use. The Client Secret and Client Id will NOT be shown again after you close this dialog.

Alt TextClick Done to close the dialog. The application will now appear in the list.

Each application in the list has a three-dot menu (⋮) on the right side. Clicking it reveals the following actions:


Alt Text


View

Alt TextSelect View from the actions to open the read-only External Application Details.


Alt Text


This action displays all configured properties of the application including Application Name, Expiration Date, Include Anomalies setting, selected Device, and Device Groups.

Edit

Alt TextSelect Edit from the dropdown to open the Update External Application Details.


Alt Text


Alt Text Modify any of the following fields as needed:

  • Application Name
  • Include Anomalies toggle
  • Device selection
  • Device Groups selection

Alt TextClick Update to save your changes, or Cancel to discard them.

Delete

Alt TextSelect Delete from the actions to remove an external application.

Rotate Secret

Alt Text Select Rotate Secret from the actions to generate a new Client Secret for the application.

Alt Text A confirmation dialog will appear. Confirm the action to proceed with rotation.

Alt TextUpon confirmation, the system will generate a new Client Secret and display a success message:

  • The dialog will show the Client ID (unchanged) and the new Client Secret
  • Use the eye icon to reveal each value, then copy them to a secure location.

Alt Text Click Done to close the dialog.

Disable / Enable

Alt Text Select Disabled from the actions to deactivate an active external application.

Alt Text The application's Status in the list will change from Enabled to Disabled.



API Integration

Once an External Application is created and its credentials are secured, you can use the Client ID and Client Secret to authenticate and stream live device telemetry into any external system — a web page, a Python application, a Grafana dashboard etc

Alt TextThis guide walks through the complete integration process in two steps:

  • Step 1 — Obtain an Access Token using your credentials
  • Step 2 — Connect to the Streaming Endpoint using that token

Generate an Access Token

Before calling any API endpoint, your application must exchange its Client ID and Client Secret for a Bearer token. This token acts as a temporary pass — it is valid for approximately 60 minutes, after which your application must request a new one.

Alt TextToken Endpoint:

  • Method: POST
  • URL: https://onesenseapi.azurewebsites.net/connect/token
  • Content-Type : x-www-form-urlencoded

Alt TextRequest Body Parameters

  • grant_type: client_credentials (fixed value — always use this)
  • client_id: Your application's Client ID
  • client_secret: Your application's Client Secret

Alt TextA 200 OK response contains a JSON object with an access_token field.

Alt TextNOTE: Access tokens are short-lived (typically 60 minutes). Your application should detect 401 Unauthorized responses and request a fresh token using the same Client Credentials flow.

Alt TextTesting the Token Request in Postman:

The screenshot below shows a correctly configured token request in Postman. The Body tab is set to x-www-form-urlencoded with all three required fields populated.


Alt Text


Alt Text Set the method to POST and enter the token URL.

Alt TextUnder the Body tab, select x-www-form-urlencoded.

Alt TextAdd the three key-value pairs: grant_type, client_id, and client_secret.

Alt Text Click Send. A 200 OK response means the token was issued successfully.


Connect to the Streaming Endpoint using that token

The telemetry streaming endpoint uses Server-Sent Events (SSE). Once connected with a valid Bearer token, the server pushes device data in real time as events arrive

Server-Sent Events (SSE) is a streaming technology that allows the server to continuously send real-time updates to a connected client over a single HTTP connection.

Alt TextStreaming Endpoint:

  • Method: GET
  • URL: https://onesenseapi.azurewebsites.net/v1/stream/telemetry
  • Accept : text/event-stream
  • Auth : Bearer

Alt TextWhat Happens When You Connect

  • Your application opens an HTTP GET request to the streaming URL, passing the Bearer token in the Authorization header.
  • The server validates the token signature and reads the embedded claims — specifically the tenant ID, device IDs.
  • The server returns HTTP 200 with Content-Type: text/event-stream, keeping the connection open (no response body closes immediately).
  • As telemetry data arrives from your permitted devices, the server pushes each reading as a text/event-stream event down the open connection.
  • Your application reads events in a loop. Each event is a JSON payload you can parse and display.
  • The stream continues until the token expires, the device goes offline, or your application closes the connection.

Display the Live Data

Once connected, your application receives a continuous stream of JSON events. The examples below show how to integrate the stream in two common environments: a browser-based HTML page and a Python backend service.

Example: Python Script

The streaming API can be integrated with Python scripts to receive and display live telemetry data.

Alt TextUser Provides Application Credentials like Client ID and Client Secret. These credentials are generated when the External Application is created in OneSense.

Alt TextThe Python script sends a request to the token endpoint using the provided Client Credentials.

Alt TextThe authentication server validates the credentials and returns:

  • Access Token
  • Token expiration details

Alt TextThe Access Token is then used for authenticating streaming requests.

Alt Text After generating the Access Token, the Python application connects to the telemetry streaming endpoint.

Alt Text Once connected:

  • The connection remains active
  • The server continuously pushes telemetry updates
  • The Python application receives events in real time

Alt Text Python Dependencies:

  • requests: Handles HTTP API communication
  • sseclient: Reads Server-Sent Events (SSE) streams
  • json: Parses telemetry JSON payloads

Alt Text How the Script Works:

  • Open a terminal or command prompt in the project directory.
  • Run the Python script using the following command: py projectfilename.py
  • The application prompts for the Client ID and Client Secret.

  • Alt Text


  • After entering valid credentials, the application generates an Access Token and connects to the telemetry stream.

  • Alt Text


  • Once the device starts sending telemetry, the console continuously displays live telemetry events in JSON format

  • Alt Text


Example: HTML Web Page

You can build a simple real-time dashboard directly in an HTML page using JavaScript.

Alt Text The web application first sends a request to the token endpoint using the External Application credentials:

  • grant_type: client_credentials (fixed value — always use this)
  • client_id: Your application's Client ID
  • client_secret: Your application's Client Secret

Alt Text Server validates these credentials and returns a short-lived Bearer Access Token.

Alt TextThis token is required for accessing telemetry streaming endpoint.

Alt TextOnce the Access Token is generated, the application connects to the telemetry streaming endpoint using the Bearer token.

Alt Text The streaming API uses Server-Sent Events (SSE), which allows the server to continuously push telemetry updates to the connected application.

Alt Text After the connection is established:

  • The connection remains open
  • The server continuously streams telemetry events
  • Device readings are delivered in real time
  • The application can immediately display or process incoming data

Alt TextBrowser and SSE Support:

  • The telemetry streaming API uses Server-Sent Events (SSE) for real-time communication.
  • Most modern browsers support SSE connections, allowing web applications to receive streaming telemetry updates efficiently.

Alt TextDevice Access Control:

The streaming API only returns telemetry data for devices that the External Application is authorized to access. When the Bearer token is validated:

  • The tenant information is extracted from token claims
  • Authorized device permissions are verified
  • Only permitted telemetry data is streamed to the application

Alt TextHow to Run the HTML Web Application:

  • Open the project folder in Visual Studio Code or any code editor.
  • Open a terminal in the project directory and run the following command to start the Node.js backend server: node server.js
  • Next, open the HTML file using Live Server or any local web server.
  • The telemetry dashboard UI opens in the browser.

  • Alt Text


  • Enter the Client ID and Client Secret generated from the External Application.
  • Click Generate Token to request an Access Token from the OneSense authentication API.
  • After successful authentication, the generated Bearer token is displayed in the Access Token section.
  • Click Connect Stream to establish the telemetry streaming connection.
  • Turn on the authorized device or start sending telemetry data from the device.
  • As telemetry events arrive, the dashboard displays live JSON telemetry data in real time.

  • Alt Text


Security Recommendations

  • Never expose the Client Secret in public applications or repositories.
  • Store credentials securely using environment variables or secret management tools.
  • Use HTTPS for all API communication.
  • Rotate Client Secrets periodically for improved security.
Previous
Settings
Next
OneSense BLE App