I am struggling with the custom integration alexa media player, yesterday it did not renew the login/cokkie and all alexas stopped working from within HA. After relogin with my credentials, it started working again.
Please don’t blame me, i have readed the wiki, watched YT videos but want to make it right, so next time i dont have to manually do something.
Before HA i was on fhem and used their similar integration without an issue. I think they are using the same unofficial alexa api. I had not activated 2FA and it worked.
My initial setup of the HA integration was (which failed yesterday to relogin):
Activated two factor over SMS, dont want an auth app
Readed the wiki multiple times → sadly the instructions are not really clear if the “normal” login proxy method without 2FA is working to renew the cookie
used “!secret amazon_user” & “!secret amazon_password” directly over the gui (wiki states the gui method is the recommended one)
Used Poxy method to initially login, and entered the 2FA SMS code on the amazon website
This worked until yesterday.
So here are my questions:
Does the cutsom integration with the login proxy method (and SMS 2FA activated in amazon account) renew the login automatically?
Do i really have to activate 2FA with an Authenticator app in my amazon account? Or just copy the my key/code like described (the bold value) and enter it along with my credentials?
Asking because dont want to activate login with an auth app.
How can i check that the integration is able to renew the needed cookie informations to stay logged in.
Not with SMS 2fa it can’t BTW as an aside - SMS 2fa isn’t really the most secure. I’d use an app EVERY SINGLE TIME over SMS 2fa. Bad guys know how to beat SMS. They can ‘beat’ anything of course. But beating SMS 2fa v. App and secure comm 2FA is WAAAAAY easier. The downside of using builtin 2fa in this instance of course is if someone owns your HA install, they can also technically get your Amazon creds - I can’t tell you which is more critical for your specific needs, but for me, I know what it takes to get to my HA install and I’m much more comfortable with it’s security than a 2fa code in the clear on someone’s SMS network. Every single time. Now that I’ve said that.
You dont have to USE an app of course, (Amazon allows multiple 2fa methods, I see no reason you couldn’t use SMS as primary - but again see above.) but to make AMP auto login with 2fa and auto regen the key - it needs to use it’s onboard 2fa app for AMP. See the text of installing 2fa Line 4 - From the wiki:
Instead of using a separate 2FA code, you can also register a 2FA app with Alexa Media Player.
Go to Amazon.com’s 2FA page and Add new App. You should save this key so you can reuse it if you reinstall.
Instead of scanning the QR code, select Can't scan the barcode.
Select the bolded value under Enter your Key (e.g., 35T5 LQSY I5IO 3EFQ LGAJ I6YB JWBY JJPR PYT7 XPPW IDAK SQBJ CVXA)
Enter the value from Step 3 in the Built-in 2FA App Key when adding the integration. 2FA should be automatically generated from now on and can be left blank.
Thanks for your help.
Already activated 2FA App in Amazon Account (because as you stated it’s more secure) and also set up HA with user/pw/2fa code from amazon website. Will see how it goes.
Do you use the secrets file for your credentials for the integration or do i have to enter them directly?
Before i used “!secret …” but had that feeling taht maybe that was the cukprit.
I use secrets… all the way. Probably for stuff I don’t even NEED secrets for - but. I’d be comfy posting my config.yaml if I was threatened. I won’t - but I could.
That’s clear to me.
My question is, when i configure the alexa media player integration with the HA gui (Settings → Intergrations), can i use “!secret amazon_user” & “!secret amazon_password” directly in the fields Username & Password:
And sure add those secrets to my secrets.yaml.
Can you please post your configuration of the integration?
