My lambda test function works as expected, and return entities from Home Assistant, but when it comes to associate my Alexa Skill in dev mode with Alexa App on Android, it fail!
I reach the login page from home assistant, login, but the redirect fail with a message “We were unable to link XXX at this time”.
I’ve seen somewhere that the Skill must communicate with the HA on port 443, I’ve redirect the port to my HA, that now can be accessed thru my domain : https://ha.mydomain.com/
On Alexa Developer console, in account linking section, here is my settings :
Your Web Authorization URI : https://ha.mydomain.com/auth/authorize
Access Token URI: https://ha.mydomain.com/auth/authorize
Client_id : https://layla.amazon.com/ (for Europe)
I’ve try switch the urls mentionned above with explicit port specified :8123 or :443 (all combinaisons ), same result.
If anyone succeed set it up, any help would be higly appreciated
I don’t see logs on H.A of this login attempt, is there logs about these attemps in ALEXA CONSOLE ?
Is it possible to do this ALEXA < - > SKILL association from a computer ? or Alexa app is needed ?
Many thanks for your feedbacks
NB: I use Home Assistant 2021.12.2 on Docker, on a debian 11 buster.
If I try with US url, the HA login page send on first step an error message (Error: Invalid client id or redirect uri)
If I try with EU url, no error message on H.A first login step, but after login, what I previously describe.
I have my digital marketplace set as US for Amazon account and I thought you have a similar issue, but apparently i was wrong. You can try to enable debug logs for alexa integration and check them
Hi,
Unfortunalty I still don’t find how to link my Alexa Skills to H.A
I don’t find where to enable debug logs for Alexa, where can it be done?
Do you know if there’s a way to see raw logs from H.A http server, to investigate request/feedback done with Alexa? I use H.A with docker on Debian Buster.
It was way more easyer to connect my stuff to Google Home, AWS/Alexa backend is a nightmare!
And of course I forwarded port 443 to 8123 in my router. Verified that this worked first my just navigating to https://mydomain.duckdns.org/ in my browser outside of my local network and voila my dev AWS skill started working and was able to link.
Hello,
I’m trying to solve the same problem… Where did you go to modify the base url in Lamba function Configuration section… In one year the AWS interface has changed quite a bit and I’m not going to hide it, I’m still a beginner in this field.
Concerning port forwarding, my HAOS is on a Pi 4, should I choose it as the device to forward port 443 to 8123?
And is the redirection only in TCP?
I have created an account in these forums just to let you know that your fix worked. I had searched for over 5 hours on how to do this, tried almost everything. Thank you so much
Within AWS Console, where you see your code, there’s several tabs, one being Code where you write your Lambda function and another one is called Configuration, this is where your environment variables are stored. There’s a BASE_URL and that’s what you want to update and save.
Assuming you have 2 routers, your ISP router and then your own router you purchased. The ISP router traffic must be forwarded to your owned router via the firewall, if you just want to forward ports, create a rule to forward 443 on ISP to 443 on owned router. Then on your owned router, you want to again update the firewall to forward 443 traffic to 8123, assuming that’s your Home Assistant’s listening port. Yes, TCP is all that’s needed.
I have spent the best part of 2 days trying to get this to work. I had a lot of issues with the proxy configuration (self imposed), but the final fix was to clear the cache and all user data on the Alexa app (Android). Account linking worked once I had this done.
Issues with Homeassistant config
The minimal config I had when I got it first working was:
alexa:
smart_home:
locale: en-GB
Issues with proxys
I was running with NAT(PFSense) → TLS endpoint (Traefik) → Reverse Proxy (Traefik) → Homeassistant(Docker)
To see if there is a proxy issue i did the following:
This gives the raw traffic going into homeassistant and can be quite noisy. After running that command, run the AWS lamda function test.
Look for output X-Real-IP: {IP}
If the IP address is a local IP address or there is no response, then its likely a proxy / firewall issue.
If it’s one that looks like it’s from amazon, then it’s likely not a proxy issue.
Messages from amazon usually have some extra amazon headers in the lines above X-Real-IP.
I had to ensure https.forwardedHeaders and proxyProtocol trusdedIPs were set for my traefik endpoints, and my TLS endpoint service in traefik had proxyProtocol.version=2 set in the load balancer.
Can’t authenticate at this time
If you can see in the tcp traffic that AWS is sending the token data to homeassisntat, but there are still issues, RESET THE ALEXA APP!. I cleaned the cache and app data, then when I logged back into the app, connected the account, I finally got the success page.
I have recently been fighting with this problem for a week. In my case, HA is served through a reverse proxy with Nginx, so that all applications use the same certificate (one from Let’s Encrypt). Well, in my case the problem was that the certificate I configured was the final certificate instead of the fullchain.pem. I changed the settings and ‘voilà’. Problem solved. I hope this helps someone.
THANK YOU!!! This should be marked as THE solution.
For anyone else having this issue like @livlif2dfullest says remove your port from the BASE_URL value in the Lamba function and Your Web Authorization URI and Access Token URI in the account linking section in the developer console. Also, the Alexa Smart Home API requires your Home Assistant instance to be accessible from the internet via HTTPS on port 443 using an SSL/TLS certificate (router port forwarding, port 443 to your HA instance).
), same result.
