Homey Community Forum

Authentication Bearer token is changing?

#1

Hi there,

I’m using the Bearer token in order to launch flows from my Android widgets (in combination with an app to do http calls to homey and in combination with this app: https://apps.athom.com/app/com.internet

It works fine with the Bearer code, but today the Bearer code changed all of a sudden and my http API requests were not working anymore.

Anyone has any idea when the Bearer code changes and how I can mitigate this problem?

Thanks,
Tim

#2

This is in the firmware changelog for version 2.1.1: [Core] Sessions now expire after 1 day

Athom made using the bearer token unusable for the sake of “security”. Suggested solution for your usecase was to use the webhook trigger card from the logica cards. This however exposes an unprotected endpoint where only the URL itself can hold some sort of “token”. The full URL would still be logged by webservers however (unlike using a token with the authorization header) and is therefor actually less secure.

I switched to using MQTT triggers over a secured MQTT server.

Rest API call for setting asleep