Hey cw-kid! Your CW’s IDIOT GUIDE has been very helpful, thank you for putting that together!
I found something that’s working right now, I’m just not confident that it’ll be supported long term since I can’t find any documentation on it… but here’s what I did:
- Following Python Script for Ezlo FW HTTP API Curl commands I saw we could get the
Identity
andIdentitySignature
by doing a:
GET https://vera-us-oem-autha11.mios.com/autha/auth/username/{USER_NAME}?SHA1Password={SHA1_PASSWORD_FROM_SCRIPT}&PK_Oem=1&TokenVersion=2
- Using the Ezlo API Tool, and inspecting the requests with the Chrome DevTools, I noticed they were making this call (I’m not sure if this domain will always be around):
GET https://mms-proxy.vercel.app/device/device/device/{DEVICE_SN}
--header MMSAuth {Identity}
--header MMSAuthSig {IdentitySignature}
From the response we get a Server_Relay
(e.g. wss://nma-server6-ui-cloud.ezlo.com:443
) which I can connect to with a websocket and start communicating. The Chrome DevTools showed me what messages they’re sending to authenticate.
But without seeing any official documentation, I’m worried I’ll build something that will stop working one day because it’s not officially supported.