I think I’m at the goal line, but my Alexa skill is unable to link to my account.
I followed the documentation guide. When I try to link my new skill (from the Alexa app) - I enter my HA credentials on the login page, and then get an error from Alexa “Unable to link Home Assistant with Alexa.”
I’m able successfully log into https://xyz.duckdns.org:8123 from a browser without any issues using the same credentials. It seems like I’m missing something obvious.
Other details:
I’m new, converting off of SmartThings to Home Assistant.
Installed HA without any issues - pi4b, HassOS 4.14, duckdns, zwave, zigbee
only have two devices - Ecobee 4 thermostat and a lamp (zigbee bulb) configured so far.
The 2 devices show up in the Lambda Discovery test execution results (with DEBUG = true)
Without the debug variable I get
“event”: {
“payload”: {
“type”: “INVALID_AUTHORIZATION_CREDENTIAL”,
“message”: “401: Unauthorized”
For now I’m using a LONG_LIVED_ACCESS_TOKEN
I need to get this resolved before I decommission my SmartThings hub or Management will send me to the garage. I appreciate any suggestions!!
I am using the LONG_LIVED_ACCESS_TOKEN variable and populated it with the generated value. Unfortunately it doesn’t seem to make a difference. When I get to the Alexa mobile app and attempt to link my account, it takes me to my Home Assistant login page. Entering username/pw is where it fails on me (alexa mobile app: “Unable to link Home Assistant with Alexa”). Though I can login through a browser using the same url (https://xyz.duckdns.org:8123) and login credentials.
This is so strange, I can’t figure out why it still isn’t working. I’ve even cleared the entire setup and started over and still get the same problem linking the Alexa skill.
I’m going back to SmartThings if I can’t get Alexa enabled without a monthly fee. But I’m out of ideas and have wasted way too many days on this one seemingly small issue Everything else was fairly easy to get set up.
I had this working in the passed but had to re link after restructuring my home network. The last step I was going to try was to revert back to duckdns with let’s encrypt as I’m currently using my own registered domain with my own SSL cert that I purchased through namecheap (signed by DigiCert CA) but after seeing your post I’m not sure it’s worth the hassle.
I’ve seen post saying that you must forward port 443 from the outside to your HA instance. Maybe try that ? It didn’t solve my issue but who knows maybe will work for you.
I wanted to post the solution I found after messing with this for a few hours. The part where others are saying you need to run home assistant on port 443 is only sorta correct. Specifically Alexa needs to be able to reach out and receive a token on 443.
So the working config for me was:
Setup a forward rule on my router for 443 → 8123 (keeping the 8123 → 8123 rule that existed already)
Set the Access Token URI to https://homeassistant.mydomain.com/auth/token
Leave Your Web Authorization URI as https://homeassistant.mydomain.com:8123/auth/authorize
thank you so much for this, i’ve been pulling my hair out with this for a while and gone through the whole process to creating in AWS a few times now.
So to be clear. once the account is linked, I can get rid of port 443 access to my HA? (i would rather be on an obscure port, not an obvious one, and i sometimes need 443 so that letsencrypt can renew)
Tried using magic7’s suggestions but they didn’t work, even though I am using the same domain name + HA hostname. Also had to remove the 8123 port from the Web Authorization URI
Thing is, port 443 is already in use on my router. It hosts my private eBook library so I can access it wherever I am. Now to figure out how to get the router to do some magic. At least it’s a capable router.
I also tried this fix and it initially didn’t work for me, resulting in an OAuth error page. If you run into this OAuth issue and you’re using trusted_networks in your auth_provider, the fix re-add homeassistant as a type in the configuration.yaml file:
Removing the “:8123” from the “Access Token URI” worked for me with the linking problem.
I’ve linked my Smart-Home setup now with my HASS configuration as it seems (I guess).
I have the same issue.
I linked on euwest ireland server (with ireland lambda function ARN)
and also on north virginia server with ARN configured for US.
Both ways i got to the succesfull connecting bit but I have the same error message saying it can’t connect to my device…
pls halp
Well it’s a while ago already now, so I can’t remember exactly. I’ve managed to get it working eventually by doing some port forwarding in my router. Can’t remember the exact ports, but it was something like forwarding external 844 (not sure if it was this port) to internal 8123.
After that I was able to connect.
But it caused other conflicts in my network. Like network printers which weren’t responding because they were using the same forwarded port etc.
So that was no option for me…
I believe I was also not able to get it working without the long acces token. And for me it was just to get rid of that to go over from Haaska to the Alexa skill.
So I’ve decided to get back to Haaska. This works for me without needing to do some extra port forwarding. The instructions however are verry outdated… But got it working with a bit of puzzeling.
So if you don’t mind about the port forwarding and don’t having any network conflicts, it’s an option to stay with.
Otherwise Haaska is the better way to go I think.
Edit: I’ve checked it, but I had to forward external port 443 to internal port 8123 to the IP of the HASS server. And removing “:8123” from the “acces token URL” in the Developer Console
Turning off bot fight mode on cloudflare fixed it for me. The WAF rules to skip also only work for $uper bot fight mode and not regular bot fight mode.
Everything else was fairly easy to get set up.
