Jump to content

Home Assistant -- noob REST questions


GaryK4

Recommended Posts

I have HA OS up and running on a Pi3+ with all ISY devices working well. I couple of years ago, I created a Pi display of major ISY devices with led alerts if the garage is open. (2) Insteon LED lights are dead and I replaced then with Kasa smart bulbs. They work fine in HA.

To date, I can not figure out how to get REST to work and I am not getting help from the HA forum.
From the display PI, I need to:

  • Check the status of the Kasa bulbs (on, off).
  • Sent a command to HA to turn the bulb on or off.

 I have tried commands like the following from my PC to the HA, but it failed (get 401: Unauthorized)
curl -X GET -H “Authorization: Bearer ABCDEFGH”

-H “Content-Type: application/json” http://localhost:8123/api/states

I tried both REST and curl.
This must be something basic. So once I get one working, I will have a model to go forward.

Link to comment

Also, are you using HTTP or have you set up any SSL/HTTPS on your HA Instance?

Just to confirm the following worked fine for my instance on HA 2022.8.3

curl -X GET -H "Authorization: Bearer LONGLIVEDACCESSTOKEN" -H "Content-Type: application/json" http://homeassistant.local:8123/api/states

 

Link to comment
3 minutes ago, shbatm said:

Also, are you using HTTP or have you set up any SSL/HTTPS on your HA Instance?

Just to confirm the following worked fine for my instance on HA 2022.8.3

curl -X GET -H "Authorization: Bearer LONGLIVEDACCESSTOKEN" -H "Content-Type: application/json" http://homeassistant.local:8123/api/states

 

I am using HTTP.
I took your command and placed my token in to it. Then pasted it in to a windows command window. I get 401:   Unauthorized

I pasted http://homeassistant.local:8123 on my PC's Chrome browser and it did display HA.

Do I need to create a new Token?

Link to comment

Some other things to try:

1. Try a new LLAT just in case.

2. use the mDNS name (usually `homeassistant.local` or IP address instead of localhost, just to confirm it's not a listening issue

3. Make sure your user with the LLAT is an Administrator (check here: http://homeassistant.local:8123/config/person)

Also, attaching a script I've used for controlling a HA plug with a Raspberry Pi GPIO, just in case it helps.

3d_printer_power.py

Link to comment
13 minutes ago, shbatm said:

Also, are you using HTTP or have you set up any SSL/HTTPS on your HA Instance?

Just to confirm the following worked fine for my instance on HA 2022.8.3

curl -X GET -H "Authorization: Bearer LONGLIVEDACCESSTOKEN" -H "Content-Type: application/json" http://homeassistant.local:8123/api/states

 

I am running HA OS on a Rpi 3+ not the Docker version. Does that matter?

Link to comment
19 minutes ago, shbatm said:

Some other things to try:

1. Try a new LLAT just in case.

2. use the mDNS name (usually `homeassistant.local` or IP address instead of localhost, just to confirm it's not a listening issue

3. Make sure your user with the LLAT is an Administrator (check here: http://homeassistant.local:8123/config/person)

Also, attaching a script I've used for controlling a HA plug with a Raspberry Pi GPIO, just in case it helps.

3d_printer_power.py 2.13 kB · 1 download

We must be running a different version. When I click on your #3 link, if just brings up HA with Settings hi-lite.
I have to go to Settings, people, select myself. There, I see admin for me. Currently, I am the only user.

 

My Version.
Home Assistant 2022.8.6Supervisor 2022.08.3Operating System 8.4Frontend 20220802.0 - latest

The script may be helpful going forward. I just got into 3D printing as well. I have a Prusa i3 MK3s+ for about a month. Love it.

Link to comment
10 minutes ago, GaryK4 said:

I am running HA OS on a Rpi 3+ not the Docker version. Does that matter?

Are you trying to run your script on the Pi or from another computer? It shouldn't matter (Docker vs HA OS) if it's from another computer. Mine is from a WSL terminal to HA OS on a VM. It may be a little squirrelly if trying to do it from within HA OS on the same pi.

If you have the SSH & Terminal add-on, you can try it from the terminal and see if it works.

 

2 minutes ago, GaryK4 said:

What is the significance of the LLAT name when it is not user?

Nothing -- just to be able to distinguish tokens down the road if you have multiple and need to delete one.

 

Do you have anything customized in your configuration.yaml file like removing `default_config:` or `frontend:` (frontend is included in default_config so one or the other), or restrictions under `http:`?

Link to comment

Another thing to check is running the curl command with a '-v' flag, just so it prints the headers and you can make sure nothing is getting mis-quoted, truncated, etc.

curl -X GET -H "Authorization: Bearer LONGANNOYINGTOKEN" -H "Content-Type: application/json" -vv http://hass:8123/api/
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying 192.168.x.x:8123...
* Connected to hass (192.168.x.x) port 8123 (#0)
> GET /api/ HTTP/1.1
> Host: hass:8123
> User-Agent: curl/7.74.0
> Accept: */*
> Authorization: Bearer LONGANNOYINGTOKEN
> Content-Type: application/json
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 26
< Date: Fri, 19 Aug 2022 20:27:00 GMT
< Server: Python/3.10 aiohttp/3.8.1
<
* Connection #0 to host hass left intact
{"message":"API running."}% 

 

Link to comment
31 minutes ago, shbatm said:

Are you trying to run your script on the Pi or from another computer? It shouldn't matter (Docker vs HA OS) if it's from another computer. Mine is from a WSL terminal to HA OS on a VM. It may be a little squirrelly if trying to do it from within HA OS on the same pi.

If you have the SSH & Terminal add-on, you can try it from the terminal and see if it works.

 

Nothing -- just to be able to distinguish tokens down the road if you have multiple and need to delete one.

 

Do you have anything customized in your configuration.yaml file like removing `default_config:` or `frontend:` (frontend is included in default_config so one or the other), or restrictions under `http:`?

I don't have customization in configuration.yaml

I don't see any default_config. Where is this located?

restrictions under `http:` ??? Where would this be?

I am running the script on other computers. Windows 11 or another Pi. Both have the same error.

Link to comment
38 minutes ago, shbatm said:

Another thing to check is running the curl command with a '-v' flag, just so it prints the headers and you can make sure nothing is getting mis-quoted, truncated, etc.

curl -X GET -H "Authorization: Bearer LONGANNOYINGTOKEN" -H "Content-Type: application/json" -vv http://hass:8123/api/
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying 192.168.x.x:8123...
* Connected to hass (192.168.x.x) port 8123 (#0)
> GET /api/ HTTP/1.1
> Host: hass:8123
> User-Agent: curl/7.74.0
> Accept: */*
> Authorization: Bearer LONGANNOYINGTOKEN
> Content-Type: application/json
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 26
< Date: Fri, 19 Aug 2022 20:27:00 GMT
< Server: Python/3.10 aiohttp/3.8.1
<
* Connection #0 to host hass left intact
{"message":"API running."}% 

 

C:\Users\gkahr>curl -X GET -H "Authorization: Bearer LONGANNOYINGTOKEN" -H "Content-Type: application/json" -vv http://homeassistant.local:8123/api/states
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying fe80::bfa6:f085:6c82:aae1:8123...
* Connected to homeassistant.local (fe80::bfa6:f085:6c82:aae1) port 8123 (#0)
> GET /api/states HTTP/1.1
> Host: homeassistant.local:8123
> User-Agent: curl/7.83.1
> Accept: */*
> Authorization: Bearer LONGANNOYINGTOKEN
> Content-Type: application/json
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< Content-Type: text/plain; charset=utf-8
< Content-Length: 17
< Date: Fri, 19 Aug 2022 21:22:46 GMT
< Server: Python/3.10 aiohttp/3.8.1
<
401: Unauthorized* Connection #0 to host homeassistant.local left intact

Link to comment

If you haven't changed anything in configuration.yaml then don't worry about the default_config and http: comments. (default_config is the first line in the configuration.yaml file by default. http: allows you to add restrictions on IPs and proxies, etc).

I'm about at a loss of things to try.

Enable the debug logging level to see if there is anything helpful when you try to connect:

- Developer Tools > Services > Logger: Set Default Level 

- In the yaml box:

service: logger.set_default_level
data: 
  level: debug

- Call Service (don't restart after, this won't persist across restarts unless you add it to configuration.yaml)

- Then watch the logs under Settings > System > Logs > Load Full Logs

 

About the only other thing I'd say is you can try to disable IPv6 (Settings > System > Network) and then try just over IPv4.

Link to comment

Last thing: and not to insult your intelligence here, but asking the stupid questions:

For the long-lived access token, you are not using the name of the token, correct? You need to use the full string it gives you when created (e.g.: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJiYzlkODU5NjM0MTc0MDI1ODRkZDIwMDcyN2MxMGMwMCIsImlhdCI6MTY2MDk0NjEyNCwiZXhwIjoxOTc2MzA2MTI0fQ.xP0aUadYH8nyf4F8-eBR39RPgtRW1LjLPdpkrj7bkEI)

Link to comment
11 minutes ago, shbatm said:

Last thing: and not to insult your intelligence here, but asking the stupid questions:

For the long-lived access token, you are not using the name of the token, correct? You need to use the full string it gives you when created (e.g.: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJiYzlkODU5NjM0MTc0MDI1ODRkZDIwMDcyN2MxMGMwMCIsImlhdCI6MTY2MDk0NjEyNCwiZXhwIjoxOTc2MzA2MTI0fQ.xP0aUadYH8nyf4F8-eBR39RPgtRW1LjLPdpkrj7bkEI)

No insult taken!
I am (thought) using the full string. However, I saw that your string was MUCH longer than mine.
Somehow when coping the code it was only giving me 43 characters.

I create a new key and triple clicked and got the full string. Not quite sure about the double / triple click.
In any event, the new full length key WORKS !!!
I knew it had to be something simple.
I am glad you showed the longer string.

Old string: 0aOBp9subDiwWj5qFNo8kyNIpc05hurMT5SMmdiWsAs

Thanks for all your help. I have plenty to test now.

Link to comment

Good! Glad it was something simple. Guessing it was only selecting to the first ".". I know I've had issues before with shell scripts not liking it containing some special characters ("_" or " ' "), so just another couple gotchas to keep an eye out for in your testing.

 

Link to comment
Guest
This topic is now closed to further replies.

×
×
  • Create New...