I started seeing some issues with my blink integration last night (UK) regarding endpoint access however didn’t get round to looking until this afternoon.
I’m now unable to login either via HomeAssistant or via the Android App, with the message “Unauthorized access - contact support” when I try to do so.
I’ve raised a support ticket and am awaiting their response - my fear is that this is the beginning of a crackdown…
In the meantime I’ve commented out my blink account in configuration.
Anyone else hitting this issue?
EDIT Worth noting that I completely overlooked limiting updates by setting a non-default scan_interval. If I can get my account unlocked I’ll be looking to significantly reduce my scanning interval (I’m hoping Blink support will give me some guidance on this).
Your case was escalated to our Server Team who let us know that your account has been flagged for generating back to back commands in short bursts over a long period of time. This has raised Server alarms which disabled access to your account. At times, this is due to unauthorized third party software that may be in use with your system or a bad configuration of authorized integrations.
Reviewing your account logs, it seems that your configuration for IFTTT is causing these commands. Please review your recipes for IFTTT and make the appropriate changes and we can have our Server Team reinstate access to your account.
I have reduced the scan interval to 5 minutes and asked them to reactivate. I have also asked what they consider acceptable polling. I suspect they are cracking down on unauthorised integrations and I will have to switch off altogether. They did something similar with an unauthorised smart things integration before I moved platforms…
After 5 1/2 hours with no update I rang them this evening (transatlantic call) jumped the uninstall & reinstall and password change scripted steps and managed to get my support request into the Server Team queue.
I’ve also suggested they may want to consider sending an email notification when disabling accounts and explained that I’m reliant on third parties to provide presence based arm and disarming.
In the meantime I’m going to strip out my blink automations (notification on movement) with the exception of the arm / disarm on presence on the assumption they will permit some level of unsupported integration (outside of Alexa). I’ll also be implementing a very lazy scan_interval.
Otherwise I’ll be dumping my plans to expand my Blink setup and looking to pickup some Unifi external cameras instead.
[quote=“TazUk, post:5, topic:98660, full:true”]
After 5 1/2 hours with no update I rang them this evening (transatlantic call) jumped the uninstall & reinstall and password change scripted steps and managed to get my support request into the Server Team queue.
I’ve also suggested they may want to consider sending an email notification when disabling accounts and explained that I’m reliant on third parties to provide presence based arm and disarming.
In the meantime I’m going to strip out my blink automations (notification on movement) with the exception of the arm / disarm on presence on the assumption they will permit some level of unsupported integration (outside of Alexa). I’ll also be implementing a very lazy scan_interval.
Otherwise I’ll be dumping my plans to expand my Blink setup and looking to pickup some Unifi external cameras instead.
[/quote]
Yeah, they’ve given that response before. It’s BS. The HASS component looks like a normal phone accessing their servers, they cannot tell the difference (the requests are implemented exactly like their app).
As for “cannot obtain new token for server auth” that happens from time to time and should clear up. Individual user accounts getting locked will be because of heightened activity, and should NOT affect the component itself…UNLESS they’ve changed their authentication endpoint. Then I just need to find that endpoint and re-implement it.
Mine is now reactivated. I have reduced the scan interval to 10 minutes and support indicated that that should be sufficient to prevent further flags. I don’t really need to poll sensors, just activate/deactivate with automations.
From the response I got, the requests appear to Blink to originate from IFTTT - they cannot distinuish the origin.
I’m still waiting for a response to my request raised 9am EST on 12 Feb. I followed it up with a (transatlantic) phone call for 30 minutes last night and was told it was with the server team, but I’ve had no response from Blink whatsoever.
The way they have dealt with this is a bit crap. Fair enough if they want to crack down on unauthorised integrations that are hammering their servers. But these are security products - disabling accounts without any prior warning and then taking over a day to respond and reactivate is far from ideal…
Yeah, I 100% understand them wanting to crack down on servers getting hammered.
Perhaps as a quick fix I should just open a PR to reduce default scan interval. Really, the only reason for a fast scan interval is for better motion detection support, but for things like arming/disarming and stuff it’s unnecessary.
Still no contact from Blink despite reaching out via email, Twitter and Facebook. However my account now seems to be unlocked (they’re probably sick of me prodding them).
Think I’ll see just how bad IFTTT is as it is the “approved” route. I should be able to arm / disarm and get arm / disarm status back via an IFTT event via Casa Nabu.
Janky, but there you are.
I’m also going to shelve my original plans to expand our Blink setup and invest in some Unifi video gear to go with our existing Unifi setup.
