Ah - they have changed it from “on by default” to “off by default”. Annoying but more secure I suppose. It’s on for all my devices but then I haven’t added new ones recently.
Thanks for the help everyone, I figured it out. I wasn’t quite sure what was meant by options flow. I went into the ESPHome integration, then into the device settings and there is a checkbox that allows service calls.
Took me too long to understand what to do based upon the error message. This screenshot would have helped me to understand what I needed to do. Posting here to hopefully help others.
Old thread but how do we find out what it was trying to do? I have several esphome devices (one previously setup ratgdo) and none of them have shown this message nor has their functionality been hindered that I can tell. Setup a new ratgdo board tonight and got it which led me here. I realize the security around this changed but I am wondering if this is only a one-time thing it tried to do during setup or what?
Still not sure what service it’s trying to call.
But if it truly does only call it once during setup like I was assuming based on existing devices, that is even more confusing.
If an esphome device shows up as a new notification, you just click Add (or whatever it’s called) and it does its thing. You aren’t asked to allow it to call services as part of that flow (I don’t recall any options). So if it’s needed only during that add process, then what’s the point of enabling it after or even notifying the user? Unless of course the device has yaml that calls services but that’s not the case here.
It is a matter of whether you want the esphome device (which someone could reprogram to, for example, unlock your doors) be able to call services on your HA server. You are giving the esp device the power to control your home, so if it is somewhere that a smart bad guy might access it and reprogram it, don’t allow that.
If you want to see what services it might call in the firmware that ratgo send you, then look at their source code.
Appreciate the responses but I feel you are answering different questions than I am asking . I get what the setting does and why it’s there for normal day 2 usage. I’ll try to rephrase it better later.
Yeah, I am certainly missing your point somehow . Sorry about that.
If you are asking why you haven’t been asked before (on previous devices) then perhaps they were integrated in HA before this precaution was put in esphome. The PR says
As a security hardening measure, the default for allowing ESPHome devices to make service calls has changed. If you want to permit the ESPHome device to make service calls, it must be enabled in the options flow.
For existing devices, calling Home Assistant services continues to be allowed.
For newly configured devices, it must now be enabled in the options flow.
Haha no apology needed and actually providing that answered a big part of it. That’s my fault, I should have dug in more. I didn’t expect existing ones to work and NOT have that checkbox checked. I made the wrong assumption that if existing devices needed it, then the upgrade would check the box for them.
For my other uncertainty/question, I’ll monitor it for a couple days to see if what I am thinking turns out to be true and then post back.
Thanks again!
. Sorry about that.