Alexa, no cloud, external port 8123 with events!

I was completely successful in configuring Alexa without the cloud on external port 8123 with events. I’ve seen everything else but events by others but I got events to work.

The highlights are:

  1. Subject to slight changes noted following, create as per HA instructions
  2. Edit matt2005 lambda to comment out lines 50 and 51 and outdent 52 to force it to always use the LLAT.
  3. KEEP the LLAT
  4. For linking, use LWA (Login with Amazon) method. Don’t link to HA. Make sure you enter endpoint:, client_id: and client_secret: (from the amazon login you create) into configuration.yaml.
  5. A few other gotchas (e.g. you have to change the device class of sensors to have them read)

Hope this helps someone else who can’t use port 443. Totally worth the effort!

Great! Did you set up SSL or it’s not required? I don’t want to set up SSL as my router doesn’t support NAT Loopback and I can’t connect with the domain

@KeithL how did you link your Skill to Home Assistant? I always get an error after entering my home assistant password

I did set up SSL but it is quite possible that you don’t have to. Specifically, Amazon requires SSL to talk to an Alexa skill but the lambda function is a marshalling function (man in the middle) and, therefore, IT is Alexa’s connection! Conceivably, you don’t need SSL (with a one-line change to use HTTP not HTTPS). Couple of caveats though. Maybe the lambda function enforces HTTPS (I doubt it). Maybe the HA integration requires SSL. Maybe Alexa needs SSL for “send Alexa events” which I believe go straight to Alexa from the integration (no lambda).

I didn’t enable NAT loopback so that is not a requirement. I access remotely using duckdns domain name. I access locally with the local IP. Works like a charm. You need a port forwarded and the lambda function needs to be able to get your IP (fixed IP would work probably)

What do you mean “I can’t connect with domain”?

  1. I was careful to use the same login (email address) for AWS, Alexa login and Amazon developer.
  2. For the login validation to get the login token, I used a trick. I made a LWA (Login with Amazon) account in Amazon Developer and used that to satisfy the need for Alexa to login to the app. Then, in the lambda function I totally ignored the token sent by Alexa and used the LLAT instead.
  3. You do need a login for send events, but for that you use the login that is created by Amazon in your skill.

I’m fricking thrilled!

I got it working here, I was doing wrong (without LWA), and after I used, it started working perfectly… Thanks!

Are you using HTTPS and SSL from lambda function or HTTP?