Alexa Smart Home Stopped Working

A few days ago my Alexa Smart Home integration stopped working. I tried disabling and re-enabling the skill in the Alexa app and via the website and it will not re-link. When trying to link, I’m prompted for my HA login/password, it seems to accept it, but then gives me an error stating Unable to link Home Assistant to Alexa.

It seems like Alexa isn’t getting the token or something. There is no associated token entry in the profile section of the HA app. There aren’t any useful entries the HA log either. Any ideas? There’s no way it’s related to the Let’s Encrypt root CA expiration from a few days ago, right? I only mention because I hadn’t changed anything or even restarted HA when the problem first presented itself. Thanks!

it’s most likely related to your certs, restart nginx or ddns or whatever you’re using.

Thank you. I’m running LSIO’s SWAG container and restarted that to no avail. I’m also utilizing Cloudflare’s Argo tunnels, but hadn’t had a problem doing that until last week.

The problem ended up being Cloudflare’s firewall services that I have in front of the domain. The default “Bot Fight Mode” started blocking the Alexa Smart Home connection. I had to disable this setting under Firewall->Bots.

As far as I know, I always had this enabled. I hadn’t made any changes that caused it.

ehmmm today I moved to Cloudflare and all my Alexa (Custom Skills, Control Devices and Flash Briefing) stopped working. The bot fight mode was already disabled…

Now move back to my old situation. Now wait when nameserver change is done and see if Alexa is working again.

Hope there is a solution to let it work with Cloudflare…

Agreed, this might be a bot issue for some folks. However for me this was not a bot or firewall issue as no alert / log entryis generated in the CF firewall log.

I hit this for the first time today after turning off my wildcard in CF and proxying everything including my ha.mydomain.com

I noted that the response in the custom alexa skill is as follows

Test Event Name
test

Response
{
  "event": {
    "payload": {
      "type": "INTERNAL_ERROR",
      "message": "400: Bad Request"
    }
  }
}

Function Logs
START RequestId: 043c0941-4dd7-42cc-9c99-dc63dec1cbaa Version: $LATEST
[DEBUG]	2022-02-21T01:07:08.859Z	043c0941-4dd7-42cc-9c99-dc63dec1cbaa	Event: {'directive': {'header': {'namespace': 'Alexa.Discovery', 'name': 'Discover', 'payloadVersion': '3', 'messageId': '1bd5d003-31b9-476f-ad03-71d471922820'}, 'payload': {'scope': {'type': 'BearerToken'}}}}
/var/runtime/urllib3/connectionpool.py:1013: InsecureRequestWarning: Unverified HTTPS request is being made to host 'ha.mydomain.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
END RequestId: 043c0941-4dd7-42cc-9c99-dc63dec1cbaa
REPORT RequestId: 043c0941-4dd7-42cc-9c99-dc63dec1cbaa	Duration: 544.14 ms	Billed Duration: 545 ms	Memory Size: 128 MB	Max Memory Used: 43 MB	Init Duration: 152.77 ms

Request ID
043c0941-4dd7-42cc-9c99-dc63dec1cbaa

The 400 is generated by ha.mydomain.com not CF, it is just passing the 400 to the custom function.

Which lead me to this article Cloudflare - 400 Bad Request error - Configuration - Home Assistant Community (home-assistant.io)

The fix in this scenario for me was to add the following to my hass configuration.yaml file. I have never had to use this before (because i run full SSL internally and externally) i wonder if this is because i turned strict on in CF… any hoo this fix worked for me, good luck.

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 10.0.0.200      # Add the IP address of the proxy server you use to expose HA externally

Hi, i experienced similar after switching duckdns to real ssl certificate with caddy2

my fix

configuration.yaml
http:
#added
cors_allowed_origins:
- https://layla.amazon.com

created a new user [ just for the alexa integration ]
and boom working again

Did not do any of the above, except change the duckdns entries into my real domain

1 Like

This actually fixed it for me!

my config now looks like this:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - ip_of_exposing_proxy
  cors_allowed_origins:
    - https://layla.amazon.com

EDIT:
okay, i was too quick, turns out it is actually only working during homeassistant startup, at the moment the start process is finished it stops working again.