Rest API

nklerk

i would like to use the rest API, I must be silly but I can't find the developer button on my homey under system to request an API key anyone have an idea?

MartijnHarte

I think, although Im not sure, that the developer button only shows up after you ran an app using Athom cli.

ErikVanDongen

You don't need an API key yet. The request API key functionality as described in the docs does not exists. You can authorize your calls with header: 'Authorization' = 'Bearer 123' where 123 is your bearer token (get it from your browser console/network debugger). 

PS: The developer option show up once you run an app from the cli.

nklerk

Thanks Erik,  You gave me a push in the right direction.

in the mean time i had created an app and couldn't find the API key  

nklerk

Sorry Erik, could you please push me again? 

I am able to get a rest (json) response, unfortunately its allays error 404 formated in json.

i am trying a simple get http://10.0.0.108/api
with or without the Authorization: Bearer ........... i always get a 404 status with content 404 formated in json.

when i get the described  /managers/devices/categories/
http://10.0.0.108/api/managers/devices/categories/ result = status 404 with Json content 404
http://10.0.0.108/managers/devices/categories/result = status 404

I have allso tried:
https://<homey-ID>.homey.athom.com/api/
same result: status 404 with Json content 404

  i must be missing the obvious... especially while i couldn't find any similar posts.

MarcoF

What are you trying to accomplish? 

nklerk

Well just playing around.

well i found what i was looking for:

curl --request POST --data "{\"text\": \"Hello world\"}" -H "Authorization: Bearer -----------------------------------------------" -H "Content-Type: application/json" http://10.0.0.108/api/manager/speech-output/

you can get the bearer ID by logging in to my.homey.com select your username, on the homey selection screen rightclick on your homey and copy the hex code string and use it as the Bearer.

Hopefully someone can easily use this.


My deurbel is going to send this post to my homey from this evening on, and ill kill the crappy relaid powered ringer. well not "hello world" but you get the idea.  

the API guide states managers opposed to manager. that's what went wrong.

looks like the get of /api to receive all API options inst working yet.

MarcoF

Watch out for the fact that after each password change (and/or login) the bearer token changes and your API will die.

nklerk

  each logon? 

MarcoF

Take a look at this topic;
https://forum.athom.com/discussion/1165/local-logon-not-possible-when-there-is-no-internet-connection

Maybe a WebHook is a better solution.

ErikVanDongen

@nklerk Sorry I missed your request for a push. Please use an @-mention next time. I'll get a notification that way.
The docs unfortunantly specify 'managers' endpoints for the API, where it must be 'manager' (without s).

bvdbos

@nklerk : I tried logging off and on but my bearer token stayed the same... Does anyone else have different experiences?

ErikVanDongen

Nope, mine is not changed since february.

GeurtDijker

MarcoF said:

Watch out for the fact that after each password change (and/or login) the bearer token changes and your API will die.

Where did you read about that fact? I cant find it.....

I tried logging out and logging on (in an incognito browser) and changed my PW....
And still I get the same Bearer Token....

I there a way to Reset the Bearer Token(s) in case of misuse of it? 

DaneeDeKruyff

The bearer token is a hash of your Athom Account password. 

Emile

Your Homey's bearer token is generated upon first-time setup or when a user is added.

The REST API docs are extremely outdated. Most calls can be observed in Chrome's inspector while using the Homey interface. Don't expect them to stay the same though.

bvdbos

@Emile : Could you change the function so that the bearer-token is changed with a change of the user-password? I wouldn't want to have to change my email-adress when I get hacked/sniffed, just my password...

DaneeDeKruyff

I totaly agree with @BasVanDenBosch having a static token which can not easily be changed by the user on the device itself is a poor design.

MatjaLipu

+1 on that!. Also having multiple ACL tokens would be great. This could be implemented incrementally. Starting with reseting bearer token.

Emile

Yes this will be implemented later. Also local SSL, so sniffing can't happen either way. 

nklerk

@Emile, Thanks for the Chrome's inspector tip. never thought about it lol.

DaneeDeKruyff

DaneeDeKruyff said:

I totaly agree with @BasVanDenBosch having a static token which can not easily be changed by the user on the device itself is a poor design.

After upgrading to 0.8.35 I did a reset and full wipe. I now have a new bearer token so there is a way to reset it, although I have no idea at which point it was changed (I did not alter anyting in my Athom account so that's not it)

caseda

@DaneeDeKruyff ;
I believe that it is created on the initial login (so during the setup when you login).

nklerk

I am now trying to get status information of my devices. and if possible from better logic while using the rest API. Again with 0 luck :-( can some one try to point my in the right direction?

curl http://10.0.0.108/api/app/nl.klikaanklikuit/ -H "Authorization: --------------------------------" -H "Content-Type: application/json"

caseda

KaKu has no separate API, but you will have to use the default REST API, but to explain the REST API now that the page is hidden is a bit difficult (including de api json overview).

Try looking at the Dashboard @swttt is creating that is using the REST API
https://forum.athom.com/discussion/1736/room-dashboards/p1

But now that you are talking about it.
@emile or @Annemarie ;
when is the REST API page coming back? updated and all

Annemarie

@caseda expect around Homey 1.0.0

DieterKoblenz

Annemarie said:

@caseda expect around Homey 1.0.0

Haha, so "soon"

MarcoF

Annemarie said:

@caseda expect around Homey 1.0.0

2.0 can feel like 1.0

https://athomcommunity.slack.com/archives/general/p1472217743008420

Expect nothing  

nklerk

Am I missing something? the REST API is already in place, what does it have to do with the 1.0 firmware?

DieterKoblenz

nklerk said:

Am I missing something? the REST API is already in place, what does it have to do with the 1.0 firmware?

They will not update the documentation regarding the api before. 

nklerk

Thanks for the tip to have a look at @swttt 's dashboard. i was already running his dashboard. never thought about it.

Let me share my findings and hope someone may be able to use it. Ill post some curl examples as many know how this works and are able to translate this in something useful.

First you will need to know your bearer token. this can be obtained by using the browser and login to https://my.athom.com when you are able to sellect your homey view the url. in the url you will find the bearer token.

In my examples ill use 0123456789abcdef0123456789abcdef as my bearer token
and i use 10.0.0.208 as my homey IP address.

Get zones:

curl -H "Authorization: Bearer 0123456789abcdef0123456789abcdef " -H "Content-Type: application/json" http://10.0.0.208/api/manager/zones/

Get all devices:
curl -H "Authorization: Bearer 0123456789abcdef0123456789abcdef " -H "Content-Type: application/json" http://10.0.0.208/api/manager/devices/

Get all devices within a zone:
curl -H "Authorization: Bearer 0123456789abcdef0123456789abcdef " -H "Content-Type: application/json" http://10.0.0.208/api/manager/devices/?zone=01234567-89ab-cdef-0123-456789abcdef

  ?zone=01234567-89ab-cdef-0123-456789abcdef you can find the zone id with the get zones:

Get Device:
curl -H "Authorization: Bearer 0123456789abcdef0123456789abcdef " -H "Content-Type: application/json" http://10.0.0.208/api/manager/device/01234567-89ab-cdef-0123-456789abcdef

Fill in the device ID. at the end like i used 01234567-89ab-cdef-0123-456789abcdef as a reference.