Every request to the Nanoleaf OpenAPI requires an auth token. Tokens prove you have physical access to the device and prevent unauthorized control. Without one, you’ll see errors like 401 Unauthorized.
GETTING A TOKEN
1 - Enter pairing mode
For Light Panels, Shapes, Canvas, Lines, Elements: Press and hold the controller’s power button for 5–7 seconds until the LED flashes.
For Skylight: Open the Nanoleaf app > Device Settings > Connect to API.
2 - Request a token
Run this within 30 seconds of entering pairing mode:
curl -X POST http://192.168.1.120:16021/api/v1/newResponse:
{"auth_token":"xxxxxxxxxxxxxxxxxxx"}⚠️Treat tokens like passwords!
Save this string securely as it’s required for all API calls.
DELETING A TOKEN
If you want to revoke access:
curl -X DELETE http://192.168.1.120:16021/api/v1/{auth_token}Response
204 No ContentCommon Errors
401 Unauthorized
500 Internal Server Error
— — —
TOKEN LIFECYCLE
✅ Tokens last until the device is reset.
✅ A factory reset removes all existing tokens.
✅ Multiple apps/devices can each create their own token.
— — —
TROUBLESHOOTING
401 Unauthorized: Token is missing, expired, or invalid. Press the button again and re-request a token.
403 Forbidden: Request is not allowed. Re-pair to generate a new token.
404 Not Found: Check your IP/port (default: 16021).
422 Unprocessable Entity: Your JSON body has a typo.
Comments
0 comments
Article is closed for comments.