We’re excited to announce that starting with the next Ezlo Linux firmware update ( ETA: end of next week) we’re adding support for HTTP for our hub API, besides web sockets.
You can take a look at the documentation: HTTP_server_API.pdf (63.3 KB)
Please share your feedback for the document below.
This is why it needs to be simple for dummies HAHA,
OK can we back up a bit ?
I now have my Atom up and running and I have some devices and scenes added into the Atom.
I have an Everspring appliance plug paired to the Atom. In the Vera mobile app I have no way of looking up the device ID or the scene number of a particular scene, so that is the first problem I have. I need to find out what these ID values are first some how ?
User tokens and authentication headers you might as well be talking in Greek. This is why the current Vera Luup Requests is so easy to use as you don’t need any of that.
The LAN IP address of my Atom is 192.168.0.243 so for dummies can you explain how we send a HTTP command to the Atom to turn on the Everspring appliance plug ?
Yep, doc is still too simplified. Anyway, you should be able to get both from api tool.
If I remember correctly, it was documented by @reneboer on his post announcing Ezlo bridge for openluup.
You’ll need a curl command at least. I’ll probably add headers to my plugin for virtual devices to support Vera’s devices to call Ezlo one locally and directly. But right now I’m at the beach place and not near a PC - pririoties
Maybe I have something on my PC at home. I’ll be back in a week.
All that said, this is good from a security point of view, but could makes things complex. I don’t know their plans, but similar solutions (home assistant, zway server) have the ability to flag a token as never expiring. Unfortunately this firmware is still too new and it’s still missing a proper web gui, so we’re just here speculating.
I wish they just added an ip white list for http commands instead of this, but it’s probably doable as external plugin/program running on the same box.
It would be great, i can start transferring part of my devices to ezlo and not loose automations with devices / plugins not supported by ezlo.
One quick question to ezlo team, what will happen if we send 20 http commands to different devices at same time?
Exactly, but not “could” it will make things more complex for local LAN devices and apps to control the Ezlo hub.
Have them turn it off by default out of the box if they must.
But still the requirement is still there for a like for like replacement for the current Vera Luup Requests functionality that does not require authentication.
What is the security concern anyway?
It’s not like we are going to directly open up the local HTTP API port on our router firewalls from the WAN to the LAN via port forwarding.
And personally I have an encrypted always on VPN tunnel protecting the whole LAN.
So unless the Mios cloud is somehow compromised what do I really have to worry about?
Anything is better than us being forced upon with Web sockets and user auth and tokens that will break current Vera functionality and integrations we have now on our LANs.
@melih This is the one topic that is really concerning me about the whole Ezlo platform, that and no signs of a proper logic engine.
Can you step in and make a decision about this local HTTP API and if we will be forced to use user authentication or not?
That doesn’t include all the current third party Vera plugins we will be losing however. Thinking particularly of the 3rd party Logitech Harmony plugin amongst others.
But yes hopefully we are going to have far more natively integrated Z-Wave and Zigbee devices on the Ezlo platform and a whole new world of none Ezlo supported devices integrated via Alexa / Google Home and Ezlo VOI.
I have built an IOS APP loaded on several wall mounted iPads that rely on HTTP API to periodically fetch all the devices status:
“http://(Constant.veraIP):3480/data_request?id=sdata&loadtime=(loadtime)&dataversion=(dataversion)&timeout=60&minimumdelay=2500”
I am not sure we have something similar to get everything in one shot (full update) then partial update only for the devices that changes status.
The App also uses HTTP API to turn on/off/dimm devices and run scenes.
Without this my App (and other integrations) will be broken.
I am actually getting the devices instant status change via the MQTT plugin, push instead of continuous pull, so integrating MQTT natively to get/set devices will make life a lot easier
The response from the Ezlo staff about a local http Api without forced authentication is silent.
No Vera Luup Requests direct replacement is being offered it appears.
So tell me what is my username and token?
And is this token peristant? Or does it expire?
With this information I can work out my curl commands however lots of other LAN integrations will be broken without simple one line http commands with no authentication to control the Ezlo hub on your own internal LAN.