Cummins Cloud Connect (Generators)

I have two Cummins Cloud Connect Generators that I would love to be able to see the status of and could use a little guidance/help with the API to make an integration (or AppDaemon module). They normally support IOS and Android Apps and a web site (https://connectcloud.cummins.com/). They utilize Microsoft B2C for all their authentication and then a few AWS JSON calls to actually pull the data.

By using MITM proxy I have been able to figure out most of it except figuring out how to actually authenticate with Microsoft B2C to get the Bearer token used in the actual API calls.

The calls to B2C are what I am struggling with… When you go to the website/app it gives you a login/password… that logs in via B2C gets an oauth2 token → bearer token which is used to call the APIs on AWS below. The login URL is

https://powercommand.b2clogin.com/powercommand.onmicrosoft.com/b2c_1a_powercommand_combined_signin/oauth2/v2.0/authorize?client_id=17d3c24c-be5b-4bef-a43f-b7d77f5b5e25&redirect_uri=https%3A%2F%2Fda-pcc-auth-production.auth.us-east-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=https%3A%2F%2Fpowercommand.onmicrosoft.com%2Fawsprod%2Fuser_impersonation+openid+profile&response_type=code&state=SOMELONGCODE

I could use help figuring out how to streamline the oauth2 login so I can get and maintain the bearer token to call the APIs.

The two calls to AWS are bellow… these are easier to handle

Any help appreciated

-Eric

AWS Calls

https://mobile-prod.aws.powercommandcloud.com/api/dashboard/v1/mobile/Sites/Personal

which returns (an array of your equipment, in my case 2, but I shortened to just show 1)

[
    {
        "Sites": [
            {
                "AccountId": "XXXXX",
                "Address": {
                    "City": "Hellertown",
                    "Id": "XXXXX",
                    "Label": null,
                    "Latitude": XXXXX,
                    "Line1": "XXXXX",
                    "Line2": null,
                    "Longitude": XXXXX,
                    "State": "XXXXX",
                    "ZipCode": "XXXXX"
                },
                "Assets": [
                    {
                        "Description": "Engine Model: QSG\nKilowatts (kW): 20kW\nFrequency: 60Hz\n",
                        "DeviceId": "XXXXX",
                        "Id": XXXXX",
                        "Kind": "ArrowUnit",
                        "Model": "Stealth",
                        "Name": "Genset",
                        "SerialNumber": null,
                        "Status": 8
                    }
                ],
                "Description": "Site for Generator One generator",
                "Id": "XXXXX",
                "Location": null,
                "Name": "Genset 1",
                "Status": 8
            }
        ],
        "Status": 8
    }
]

Then it calls

https://mobile-prod.aws.powercommandcloud.com/api/dashboard/v1/mobile/Sites/GetAssets?id=GeneratorIDFromFirstCall

which returns a large JSON object with the information for the Generator.

Did you ever get anywhere with this? I’m sorry I’m no help with this but certainly interested in the integration.

Nope… gave up for now.

Have you found a way to autenticate ?

No news on this front? Such a shame. See a great integration for Generac. Would love to get my new Cummins integrated and have some automations that signal generator running and switch off nonessential lights. Right now I don’t see any way of telling HA that it’s running on the generator without this working.

I just monitor the gas usage which lets me/HA know it’s running.

I gave up. Didn’t have time to deal with it. Couldn’t get the authentication to work.

A shame indeed. I wrote to Cummins a few weeks ago to attempt a conversation about this amazing opportunity of making Cummins an industry leader in home automation. I sent them this link Introducing the Works with Home Assistant program - Home Assistant along with a statement of support from the community saying that we’d be happy to help with the development and testing.

Radio silence…

Perhaps if we all took 5 minutes to write them, there’s a better chance of being noticed.

The good news is Microsoft AD B2C is quickly becoming an industry standard. Perhaps someone else’s integration or project will give us some idea of how to accomplish the authentication flow. I’ll do some poking around.

I tried to contact them also a while back. Nothing. Seems like it would be fairly easy to expose a basic api.

Such a shame. Would so love to have at least equivalent data and control that Generac offers. If i had done my homework better, I would not have bought the Cummins and would have chosen the Generac simply because it integrates with HA.
Wish some HA brainiac could reverse engineer it.

Hello Eric,

I was able to get a bearer token by using “POST” with basic authentication to the web site:

https://powercommand.b2clogin.com/powercommand.onmicrosoft.com/b2c_1a_powercommand_combined_signin/oauth2/v2.0/authorize

I am able to use that token to make a request of:

https://mobile-prod.aws.powercommandcloud.com/api/dashboard/v1/mobile/Sites/Personal

which appears to be a valid endpoint, and with valid token, but instead of a JSON reply I get

{“error”:{“statusCode”:500,“message”:“Cannot read property ‘sub’ of null”}}

I suspect that I’m missing something in the header to identify myself…but without the API guide I’m feeling lost.

I’m wondering if you still have the output of your MITM research that I could look through to try to figure out what’s missing.

In theory I could try to get it again. Don’t have it saved anywhere though. Kind of gave up on it. Supposedly they are updating their interface soonish and I didn’t want to spend the time to do it and then immediately have it break

The Ford Pass integration just moved over to using Azure B2C. This may have some nuggets of code that can be used for this?

Release 1.63 Release · itchannel/fordpass-ha (github.com)