Long-lived Access Token with AppDaemon

Hi all,

A bit of a philosophical question about using a “Long-lived Access Token” with AppDaemon. I am wondering how on earth I will remember in ten years the procedure to update it.

I am about to configure my system to be accessible remotely, and this seems a good time for me to upgrade my HA (from 0.84 to something > 0.90, I think). This means that I will move to the new authentication.

I use AppDaemon and have read up on the Long-lived Access Tokens, but I really doubt that I will remember about it when it expires ten years from now. My doom scenario: all of a sudden AppDaemon will stop working, I will not even remember how to read the logs, and even if I do I will not understand the error message. My garden irrigation stops working, I no longer know the humidity inside the piano – life simply stops…

Is there any way to configure it so that AppDaemon’s authentication will never expire, or be automatically refreshed?

cheers,
Sean

Thats definitely an interesting answer to the question “Where do you see yourself in 10 years?”. :smiley:

I would put an reminder in my calender (maybe with an url to the update process documentation)

yes, maybe that’s the best approach available, sad to say.

It does make me think twice about the monster I am creating, though. I enjoy messing around and learning now, but in twenty years? And I shudder to think about selling the house, or my wife handling a token refresh if I have passed away…

In the dev docs, it appears that as long as the client(appdaemon) can establish a websocket connection, a request for a new token can be made through the websocket connection, so I guess implementing automatic renewal is possible. See here https://developers.home-assistant.io/docs/en/auth_api.html

interesting, I’ll have to try to understand it a bit more. Thanks.

Actually, thinking about it, the problem might be more on the AppDaemon side – it stores the token in a yaml file.

The python library used to parse the yaml files can also be used to write updates to the the yaml files, so that’s not a problem.

ok, thanks. I think I’ll give it a try to make that work.

It should be fairly easy to write an appdaemon app that renews the token, I use this library https://yaml.readthedocs.io/en/latest/install.html for reading and writing yaml files.

In my opinion this shouldn’t be a concern, HA and Appdaemon are in development and will evolve and change a lot in the next 10 years and I assume you will not keep your system as it is now for the next 10 years right?
Things change, who knows what will be tomorrow, maybe there will be a new way to authenticate in 2 years. Maybe automatic renewal will be included in a further release.
Also in my opinion, if you choose a software like HA, you should be aware that you will need to fiddle
around, change things, adapt to new changes. In the end it is a free, open project and not a plug and play, commercial product.

This is in no way meant as an offence, just my 2 cents.

Yes, most likely,we will be using an altogether different home automation system with different authentication methods, such as mind reading etc. :slight_smile:

Haha, yes there will be a brain component connected through B-Wave.

1 Like

Hi Burningstone,

No, I don’t buy that this sort of project can only be for people who like to fiddle. Yes, it’s volatile and open source, but that doesn’t mean my implementation needs to be. Also, honestly, commercial products in this space have the same challenges (I just reprogrammed my Harmony remote for the first time in over five years).

I’m not wildly nervous about the ten year token, but to me it makes sense to think through how to make an implementation sustainable when I get to a time where I am no longer ready to putter around with it on a regular basis.

cheers,
Sean

With commercial products I meant more something like Control4 where you get support and don’t need to fiddle around by yourself.
I agree with you that it makes sense to make the implementation sustainable, but I think Home Assistant is not there yet, it’s still in development phase, version 1.0 has not been released yet.
I think you need to give it a bit more time, in the end of the day it is still a two man show developing the core.

yes, that’s fair. It’s been pretty amazing to see fundamental architectural changes just pop in and out – really still in the formative phase.

Nonetheless, when I finish my garden irrigation controller, there is no reason why I can’t freeze on a version and have something that’s rock solid. I can always have multiple HA implementations running, if I want to isolate it. It’s no different than my standalone (and much worse) Rainbird today. For that sort of implementation, I don’t want to worry about something needing fixing ten years down the road (which I will solve).

1 Like

Thinking about building/shipping a commercial product based on homeassistant and appdaemon. This (and the long lived token itself is one of the reason I might need to move on… Is there a way to at least automate the token generation in homeassistant/configuration in appdaemon? Or disable it all together (since it is running on an embedded box that you need to firewall anyway)?

You can generate long-lived tokens by sending an "auth/long_lived_access_token" request over a websocket connection, see here: https://developers.home-assistant.io/docs/auth_api/#long-lived-access-token

Thank you for the pointer!