Lightwave - Smart Series (Gen 2) API

HarmlessSaucer · February 21, 2019, 10:28pm

Not sure who’s seen, but twelve hours or so ago, Lightwave (and subsequently Home-Assistant) tweeted about API access for their Smart Series (Gen 2) devices.

The API/documentation is available on their website:

I’m starting reading now, and start playing around with it! If anyone has any luck, it’d be great to hear!

bigbadblunt · February 23, 2019, 5:17am

I’ve got the basics working. It’s worth noting that this is still cloud-based - there’s no local control.

I can:

authenticate
read the hierarchy
update and read individual devices (or “featuresets” as called by Lightwave).

Things I haven’t done yet

worked out a good way to reauthenticate. When you first authenticate you need a “refresh key” from the official LW web app (the docs also say the mobile app will provide this). But this is single use; when you authenticate it returns an access key and also a new refresh key to use for the next authentication. I need to find a good way of storing the refresh key and using that if needed on next authentication.
receiving events from LW. Just haven’t got around to trying this out because it uses webhooks and I didn’t have the energy to set up a webhook endpoint.

There’s some working code at

(the LWRFLinkPublic class is the one using the published API, there is an older LWRFLink class that uses the reverse-engineered protocol used in the official app).

mlevittfl · February 23, 2019, 1:17pm

I’ve been playing around as well. The authentication docs are very sparse and, yes, seem to imagine you’ll go back to the Lightwave app to get a refresh token if it expires.

However, I’ve captured the traffic from logging into the app itself and it seem like the app is issued the same bearer and refresh token as you get within the app, although the App POSTs to a different auth route:

Example here (with fake data):

Using the access_token returned above with the puplicapi endpoint works.

The Webhook endpoint doesn’t seem to work though. If I POST to create one using the documented format:

    {
      "events": [
        {
          "type": "feature",
          "id": "5b..."
        }
      ],
      "url": "http://requestbin.fullcontact.com/1...",
      "ref": "test"
    }

I get back an error message:

    {
        "message": "Request Error: Missing notification id"
    }

bigbadblunt · February 24, 2019, 9:30am

I’ve emailled lightwave about the webhook. Will report back if they respond.

Out of interest, how are you capturing the traffic?

mlevittfl · February 24, 2019, 10:37pm

I use an ssl proxy application called Charles. https://www.charlesproxy.com/

bigbadblunt · June 8, 2019, 9:50pm

The webhook API now seems to be working. I can register webhooks and they seem to fire reliably on events.

arikadiusz · July 19, 2019, 5:58pm

I am having issues with webhooks for last few days. It used to work just fine. Now webhooks will register and I can see them when I list all events but nothing gets send. Tested on my own app, then on https://webhook.site/. I have emailed technical. Would be nice if someone could confirm that they are having issues as well. Thanks