Restful Sensor - requested API Token more than 255 Characters (Update)

Tags: #<Tag:0x00007f3262c1dcc0>

Hello Community,

I’m very new here and let’s say “advanced beginner” in home assistant.

A few days ago I bought a new smart lock that I want to integrate in my ha.

To authenticate at the locks api I have to generate an acces_token. I thought rest sensor is the best choice. So I coded in the configuration.yaml the following sensor.

- platform: rest
  name: token
  method: POST
    Content-Type: application/x-www-form-urlencoded
  payload: 'grant_type=password&username=myuser&password=mypassword&scope=openid 02106b82-0524-4fd3-ac57-af774f340979&client_id=02106b82-0524-4fd3-ac57-af774f340979&response_type=token id_token'
    - access_token
  value_template: '{{ value_json.access_token }}'

Unfortunately I don’t get any response. Even the sensor itself is not visible when I try to add it in the ui. And I really do not know whats wrong.

I would appreciate any help. Thanks in advance.

Your indentation is wrong. Everything after the sensors: line needs two spaces’ more indentation. Try that (remember to restart HA to read in the changes), and see what happens.

Hi Troon,

yes that is true. I wrote it your way. In my post I just forgot the word sensors and wrote it manually in the code. But it is written the way you described.



I guess I got the problem. Unfortunately not the solution. :unamused:

The access token I requested is longer than 255 Characters. I used json_attributes and a template to request not for the token but the information of expires_in. And he responded. The same with token_type. I get the correct response. Unfortunately not for the most important information the token itself. Is there any way how I can use more than those 255 Chars in rest sensor or maybe another solution? Thanks again in advance.

The sensor attributes are not limited to 255 characters like the state is. Grab your token as an attribute instead.

Thanks tom_l for the advice. Sounds interesting. Could you explain a bit more in detail?


See the docs — find the fourth code block with bedroom-related JSON and start reading from the paragraph above. In summary, you need to set your own state using value_template, otherwise the sensor will use the full JSON and break because of its size.

Hi Troon, thanks for your help again. It works. Unfortunately as far as I read, I cannot use the state_attr (or Template in general) in rest - header - authorization. So I cannot use the token to start a new request with the token. Maybe you know a workaround for that as well. For example is it possible to dynamically save the state_attr in the secrets.yaml?

Thanks in advance


I created a new command_line sensor with the command below. When I paste it in the template editor everything looks fine. When I copy the result of the template editor in my Ubuntu console I get the correct response. But unfortunately the command_line sensor won’t do its thing. I really appreciate your help. :slightly_smiling_face:

curl -H "Authorization: Bearer {{state_attr('sensor.tedee_token_request','access_token')}}"

What about doing the opposite? Save the token to a file (worst case, have curl save it off) and then have the next curl command use the token from that file?

Or… do you even need to save it to a file? If you can request a token every time, simply have two curl commands in a single script… one to retrieve the token, then the second uses that token.

Can you paste the command_line sensor definition here? That certainly ought to work, particularly if you’ve successfully run it from the console on the same machine (i.e. it’s not blocked by User-Agent sniffing).

Do you have any other command_line sensors successfully using curl without templating?

Hi all,

a little bit late. I know but thanks Troon. That does the trick. I shouldn’t use state_attr in the curl but And now everything works fine.

Thanks again for your help. :slightly_smiling_face:

Can you please post the full solution or step by step manual? I have the same lock an would like to integrate it.

1 Like

Hi @mkotek,

so what I’ve done so far.

First step is to create the following sensor. Insert your username and password. It will call the api to get the jwt.

  - platform: rest
    name: tedee_token_request
    method: POST
    scan_intervall: 3600  # token expires after 3 hours I guess. Set intervall wisely 
      Content-Type: application/x-www-form-urlencoded
    payload: grant_type=password&username=[username]&password=[password]&scope=openid 02106b82-0524-4fd3-ac57-af774f340979&client_id=02106b82-0524-4fd3-ac57-af774f340979&response_type=token id_token
      - access_token
      - token_type #optional
      - expires_in #optional
    value_template: 'ok'

Once we have the token we can call the api and get information from it. For the post and get commands you can have a look at I just ask for the information of the lock status, but you can make it fit for you.

So second step is the call. I used command_line platform (sensor)

  - platform: command_line
    name: tedee_api
    command: 'curl -H "Authorization:Bearer {{states.sensor.tedee_token_request.attributes["access_token"]}}"[YourLockNumber]'
    - success # optional
    - result
    - statusCode # optional
  value_template: 'ok'

The lock status is in the attribute result which is a json with many information from the lock. Now you can create another template to display the status.

  - platform: template
        friendly_name: 'tedee Status'
        value_template: '{{states.sensor.tedee_api.attributes["result"]["lockProperties"]["state"]}}'

Last but not least I created a binary_sensor to show the status more comfortable. (state is just a number)

  - platform: template
        friendly_name: 'Haustür'
        device_clase: lock
        value_template: "{{is_state('sensor.tedee_status','2')}}"

And that’s it.

Good luck. :slightly_smiling_face:

Sorry for the late response. I have managed to run your code, correcting small spelling errors :slight_smile: (device_clase, scan_intervall), but I wonder how do you refresh the token. It is generated when HA is restarted, but how do you run it later on?

Hi @mkotek,

sorry for the typos. I think I am too stupid to copy paste from nano editor. So I write everything by myself in the post.

Back to your question. The scan_interval should do this job. I set it to 3600s = 1h. This should be working. The token gets invalid after 10800s. So feel free to use something smaller than that.