Life360 Device Tracker Platform

0.5.3.b2 has been working well for me for over 24 hours now - a big improvement! Using username & password.

I just said the following in one of the open integration issues. I’ll repeat it here:

Even when one of the new beta versions “works”, I’m pretty sure it’s not working very well. I.e., it’s very possible it’s having to retry error 403 very often, meaning that updates are coming very slowly (minutes apart instead of seconds apart.) I’m not sure I would consider that “working.” In fact, I’ve just about given up on this and have stopped using the integration myself.

It was one thing when requesting the list of Circles often resulted in error 403 or 429. That information doesn’t change often, and once obtained, really doesn’t need to be obtained again, so retrying for a long time was ok. But now that the server is responding with error 403 while requesting member location data, that really “throws a wrench in.” I currently have no idea how to avoid these errors, and that may be by design. I’m not sure there is a “fix” for this.


I’ll add, error 403, although shown as a “login error”, really is just the server saying, “go away, you’re not wanted here.” It does NOT necessarily mean the login credentials are bad. In fact, lately, it doesn’t mean that at all. It just means the server is (probably) protecting itself from unauthorized, unsupported third-party usage.

The reason it is shown as a “login” error is that a long, long time ago, when I first added specific handling of error 403, it was in conjunction with obtaining the authorization token (i.e., “logging in”.) But it was only reported as a login error if the returned message also had the word “login” in it. Somehow along the way that second part got discarded and any error 403 was, inappropriately, classified as a “login” error. I would fix that, but given the situation, the point is probably moot.

I wonder if all this is coming from some rate limiting with using the same account as a regular user. I created a “service account” that’s added to the circle I’m waiting data for that I’m using with this integration. I haven’t seen any of these errors or had anything break since I started using this revision of the integration.

I haven’t convinced myself yet, but I’m thinking this is a TLS fingerprinting issue. I’m guessing that since more and more users have started to use this new version of the integration, Cloudflare has started blocking our TLS fingerprint(s), either for the first time, or more aggressively than before. (E.g., it used to only respond to the request for Circles with error 403, or 429, but now it’s starting to respond to other, and possibly all, requests the integration makes with error 403.)

Interestingly, I almost always run two instances of HA, my “production” system on the default port, and a test system on a different port. And while I’ve been working on this newer implementation of the Life360 integration, I’ve used it from both instances, using the exact same Life360 account information. My production system has been plagued by the new errors like many other people, yet my test system continues to work just fine. If I had to guess, the port number goes into the TLS fingerprint calculation. So, my production system is blocked, because it has the same fingerprint as many other people using this integration, whereas (I’m guessing???) my test system has a different fingerprint, and Cloudflare has not decided to block that since it doesn’t see it nearly as often.

Anyway, just guesses at this point.

I’m not sure what might be different for me but I haven’t had any errors at all in at least the last week (I hadn’t checked it in the past so the only data I have is what’s in the recorder history).

If it helps I’m on the latest version of the integration.

I wonder if this is a difference between accounts that have been authenticated (Phone number etc.), and accounts that have not.
I created a new login and have specifically NOT registered my phone number on that account.
I cant use the integration.
Might be something or nothing, but worth considering I guess.

My life360 account is non authenticated. I just use a email & password.

Who knows. As I’ve stated previously, I use two accounts - my main account, which is verified, that I use in HA with a manually obtained access token, and a test account, which is not verified, that I use in HA with a username and password. And I have two HA systems, my production system and a test system, both running on the same computer. Both Life360 accounts work fine on my test system, and both Life360 accounts do NOT work on my production system.