Anyway to setup Google Nest integration without exposing external access with port forwarding?

Tonight I noticed an unknown overseas IP attempting to login to my duckdns home assistant instance.

I would prefer to keep external access disabled and turn off port forwarding. However I wasn’t able to figure out how to get this to work without setting up duckdns and enabling port forwarding.

‘’’ Add Authorized redirect URIs for your Home Assistant URL, including the OAuth callback path e.g., https://<your_home_assistant_url>:<port>/auth/external/callback .
‘’’

Does anyone know if there is a way to get this to work without opening me up to folks trying to break into my network?

Sign up for Nabu Casa.

1 Like

Thanks - is that the only option you’re aware of? No way to leverage the Nest APIs without opening up my firewall or using cloud solution?

Hi, you don’t need to open up any ports, actually. Only your browser connects to your home assistant instance, and nothing form Google.

One thing I want to point out is that this is a very common source of complexity and confusion so in 2021.12 the requirement for having SSL and redirect urls has been removed, and instead you will be redirected to copy/paste an access code to lock. You can install the beta, or wait for Saturday for the new release. Let me know if you’d like the beta instructions.

1 Like

Hi, the new release is out so upgrade and give the new integration instructions a look. No more ssl urls needed Nest - Home Assistant

1 Like

Thank you!

Stupid newbie question: I saw the prompt to upgrade Home Assistant, but in the new version how do we upgrade integrations like Nest? I don’t see any prompt.

Nest is built into home assistant so upgrading home assistant gets you the latest nest improvements.

1 Like

Even better! :slight_smile:

Are there any instructions on anything to change if we already had prior setup? Everything appears to work well

I think it’s a little error prone to try to reuse surgically since some data between device access and oauth cloud console needs to be in sync. I would recommend deleting the device access project, deleting the oauth client Id, and pubsub subscriber and recreating them following the new instructions again. Let me know if you have questions.

1 Like

Thank you! I’ll try to carve out time to remove and redo everything tomorrow - appreciate all your help!

Works perfectly - thanks again for all your support/hard work

1 Like