v1 API does not use oauth.
Decoded - EvoHome API access to control remotely.
Collapse
X
-
Originally posted by gordonb3 View PostI was wrong in my earlier reply. This is in fact the older (v1) API but it depends on the application ID whether functions are accessible.
Reason for me rechecking BTW is that Honeywell appears to have changed something to the API, at least for this particular Application ID. Session keep-alive no longer functions and I have a feeing that this may be related to a recent email in which they told me that there is an updated version of the phone app. By inserting this annoyance they appear to want to give people an extra push that they should update. The big question here is: does this mean that they will be invalidating this Application ID somewhere in the near future?
Also, I've just checked my python client for the V1 API which has support for saving and reusing session state without reauthenticating and it is still definitely working.
I can perform a query which goes through a full authentication and saves the session state, then deliberately fudge the password and run it again and it retreives valid results - this proves that the second poll used the saved session state and did not rely on using the password.
It's possible that the amount of time the session remains valid (previously 15 minutes) has changed - my client does not have any hard coded delay, if it has a saved session it always tries to use it and if it fails it then falls back to full username and password authentication automatically and saves the newly aquired session state.
In my application I call the API every 5 minutes and that seems to be frequently enough that it can perpetually use the saved session and almost never reauthenticate.Last edited by DBMandrake; 14 December 2019, 11:15 PM.
Comment
-
-
v1 API never had something like a "session state". As long as you kept polling the API within the assigned ID's expiration time the server would reset the timer. As such, from the client side it was static and did not require any special actions to keep the session alive. I'm unsure when it changed, I don't really watch the system every minute or even every day, but currently the session is ended after 15 minutes from when it was started, regardless of how recent the last call you made has been.
Edit: renewal of v1 sessions started failing last Thursday (12/12) around 8:19 CET (the session was ended by 8:35).Last edited by gordonb3; 15 December 2019, 10:11 AM.
Comment
-
-
Originally posted by gordonb3 View Postv1 API never had something like a "session state". As long as you kept polling the API within the assigned ID's expiration time the server would reset the timer. As such, from the client side it was static and did not require any special actions to keep the session alive. I'm unsure when it changed, I don't really watch the system every minute or even every day, but currently the session is ended after 15 minutes from when it was started, regardless of how recent the last call you made has been.
Edit: renewal of v1 sessions started failing last Thursday (12/12) around 8:19 CET (the session was ended by 8:35).
Comment
-
-
Guys I am trying to make the hot water controls to work but no joy.(this is in lua portion code).
I have managed to get the temp for Heating, Hot Water and control the Heating.
I am using the api v1.
Tbe end point i am using for controlling the Hot water is
with these headers
headers = {
["sessionId"] = sessionId,
["Content-Type"] = "application/x-www-form-urlencoded",
["Accept"] = "*/*"
but I am not sure about the body.
Can someone indicate which body shall I use for controlling the hot water and if the endpoint is correct?
Comment
-
-
Originally posted by 03397 View PostGuys I am trying to make the hot water controls to work but no joy.(this is in lua portion code).
I have managed to get the temp for Heating, Hot Water and control the Heating.
I am using the api v1.
Tbe end point i am using for controlling the Hot water is
with these headers
headers = {
["sessionId"] = sessionId,
["Content-Type"] = "application/x-www-form-urlencoded",
["Accept"] = "*/*"
but I am not sure about the body.
Can someone indicate which body shall I use for controlling the hot water and if the endpoint is correct?
The API is documented here: https://mytotalconnectcomfort.com/WebApi/Help/LogIn (use your application ID in the top form entry to login)
Example implementations:
- https://github.com/watchforstock/evohome-client (python)
- https://github.com/gordonb3/evohomeclient (c++)
- https://github.com/reines/evohome-client (java)
Comment
-
-
Originally posted by gordonb3 View PostThat will depend on the action you are trying to push and I think there are plenty of existing implementations that explain better what should be in the body than I could do here in some format that you may or may not be able to follow.
The API is documented here: https://mytotalconnectcomfort.com/WebApi/Help/LogIn (use your application ID in the top form entry to login)
Example implementations:
- https://github.com/watchforstock/evohome-client (python)
- https://github.com/gordonb3/evohomeclient (c++)
- https://github.com/reines/evohome-client (java)
Thanks for your reply.
I have found these and I have based my code on this. Everything is working except the control of hot water.
What I am trying to do here is to turn on the hot water for a specified amount of time.
The API documentation does not have an explanation for the hot water.
I have this code(based on the links) LUA
HWStatus= "Temporary"
HWMode= "DHWOn"
getEpochTime=os.time(os.date("*t"))+addedTime
HWNextTime=os.date("%Y-%m-%dT%H:%M:%S", getEpochTime)
HWSpecialModes=""
HWHeatSetpoint=""
HWCoolSetpoint=""
self:debug("Full date", HWNextTime)
local requestBody = "Status=" .. HWStatus .. "&Mode=" .. HWMode .. "&NextTime=" .. HWNextTime .. "&SpecialModes=" .. HWSpecialModes .. "&HeatSetpoint=" .. HWHeatSetpoint .. "&CoolSetpoint=" .. HWCoolSetpoint
self.http:request("https://mytotalconnectcomfort.com/WebApi/api/devices/xxZONEIDxx/thermostat/changeableValues/", {
options = {
data = requestBody,
method = "PUT",
headers = {
["sessionId"] = sessionId,
["Content-Type"] = "application/x-www-form-urlencoded",
["Accept"] = "*/*"
}
but I am getting this
[24.02.2021] [10:54:30] [DEBUG] [QUICKAPP195]: Full date 2021-02-24T11:24:30
[24.02.2021] [10:54:31] [DEBUG] [QUICKAPP195]: [ { "code": "ForbiddenParameter", "message": "'CoolSetpoint' is forbidden."
[24.02.2021] [10:54:31] [DEBUG] [QUICKAPP195]: response status: 400
I am pretty sure the there is something wrong with the values of the body but I did not manage to find anything.
Your help will be really appreciated.
Comment
-
-
Originally posted by William View PostHi, I think the HW device is not thermostat but dometicHotWater.
I use this endpoint to control the HW:
"https://tccna.honeywell.com/WebAPI/emea/api/v1/domesticHotWater/xxZONEIDxx/state/"
Can you please post the headers and the body of your request?
Comment
-
-
-
Originally posted by 03397 View PostWhich application id is this? I use 91db1612-73fd-4500-91b2-e63b069b185c
Can you please post the headers and the body of your request?
Header:
$Header = array('Authorization:bearer ' . $_SESSION[token] ,
'applicationId=b013aa26-9724-4dbd-8897-048b9aada249',
'Accept=application/json, application/xml, text/json, text/x-json, text/javascript, text/xml');
Body to set HW:
$url = BASEURL . 'domesticHotWater/xxHWZONEIDxx/state';
$Result = CURL($url, $Header, 'PUT', 'State=1&Mode=2&UntilTime='.$time, true);
Comment
-
-
Originally posted by William View PostMy application ID is b013aa26-9724-4dbd-8897-048b9aada249.
Header:
$Header = array('Authorization:bearer ' . $_SESSION[token] ,
'applicationId=b013aa26-9724-4dbd-8897-048b9aada249',
'Accept=application/json, application/xml, text/json, text/x-json, text/javascript, text/xml');
Body to set HW:
$url = BASEURL . 'domesticHotWater/xxHWZONEIDxx/state';
$Result = CURL($url, $Header, 'PUT', 'State=1&Mode=2&UntilTime='.$time, true);
Do you have any idea if the application id I have supports hot water?
I have found out that it is supported. Can you please give me any help on this using my application id?
Comment
-
-
Originally posted by 03397 View PostYes I thought so. Different application id. I cannot use endpoint with the application id. I need to rewrite my code.
Do you have any idea if the application id I have supports hot water?
I have found out that it is supported. Can you please give me any help on this using my application id?
Comment
-
Comment