Tasker & Long Lived Access Tokens

@dshokouhi found a plugin for tasker.

For those who want to check out Long-Lived Access Tokens in 0.78 here are the steps I found for tasker, download this tasker plugin: https://play.google.com/store/apps/details?id=com.freehaha.restask&hl=en_US then setup a task for it inside tasker. Once you start creating the task setup the HTTP Post just like you did before under the Settings tab…Request Type becomes POST, Host is the full API URL (ex: https://hassurl:port/api/services/script/turn_on …notice how api_password is not there) scroll down and check Enable Custom Body then under Custom Body put the JSON (service data) you want to pass…then slide over to the right for Headers…Add a header and call the Name Authorization then for Value you want Bearer <token> where <token> is the long-lived access token that you created under the profile in 0.78…the task should work once you have that setup

9 Likes

@awarecan
Thank you very much for linking that post. I had previously tried RESTask unsuccessfully but following those instructions worked perfectly!
I can now convert my existing Tasker tasks to using the Long Lived Access Token and disable the Legacy API Password in Hass.io without losing any functionality. :smile:

Thanks again for all you do helping the HA community!

How do you guys generate the token? In the frontend?

In your profile panel, https://hassbian.local:8123/profile

4 Likes

Thanks, didn’t realise that page existed :slight_smile:

This post reminded me to move various Tasker profiles from legacy API password to Access Tokens.

I was able to get them working without using a plugin through use of a JavaScriptlet - a redacted exported description of my task that signals HASS that I’ve woken up in the morning is below in case it is of use (or in case I forget and wind up searching on this in the future).

RunScript (40)
A1: Variable Set [ Name:%url To:http://IPADDRESS:PORT Recurse Variables:Off Do Maths:Off Append:Off ] 
A2: Variable Set [ Name:%path To:/api/services/script/turn_on Recurse Variables:Off Do Maths:Off Append:Off ] 
A3: Variable Set [ Name:%entityname To:script.scriptname Recurse Variables:Off Do Maths:Off Append:Off ] 
A4: Variable Set [ Name:%token To:Bearer ABCDEFGHIJK Recurse Variables:Off Do Maths:Off Append:Off ] 
A5: JavaScriptlet [ Code:var uri = url+path;
var data = {entity_id: entityname};
var xhttp = new XMLHttpRequest(); 
xhttp.open( "POST", uri, false ); 
xhttp.setRequestHeader('Authorization', token); 
xhttp.setRequestHeader('Content-Type', 'application/json'); 
xhttp.send(JSON.stringify(data)); 
var rtresponse = xhttp.response; 
var rtcode = xhttp.status; 
Libraries: Auto Exit:On Timeout (Seconds):10 ] 

Although this could be written as a single JavaScriptlet action, I broke out the IP, service path, entityname and Access Token into local variable descriptions to make any maintenance slightly easier.

2 Likes

Good work, would you mind add your solution to our cookbook?

I’ve taken a look at the cookbook.

I’m assuming I’d need to add a new section and then upload a suitably redacted example, presumably exported as XML and appropriately commented?
Apologies if this is more obvious than I think - I’m a little bit fried at the moment after migrating to new firewalls at work and mopping up the resulting collateral damage, so I may not be reading things terribly clearly

If you could give a little guidance then I’ll have a crack at it over the weekend.

You can start from clone https://github.com/home-assistant/home-assistant.io/blob/current/source/_cookbook/owntracks_two_mqtt_broker.markdown file, put it in the same folder (of course you need first fork and create your branch).

I think as long as you preserve following block in the facade area, this file will be auto-indexed to cookbook page.

ha_category: Infrastructure

Thanks for offering some guidance, but I’m not familiar with using GitHub and don’t really have the bandwidth to learn another source code control system at the moment. I was (perhaps naively) expecting the process of submitting an example to be a little simpler, but I do understand the reasoning behind it.

I have mocked up a valid RestAPICallExample.tsk.xml attached below with the description export blockquoted in case it is of use: .

RestAPICallExample.tsk.xml (1.6 KB)

RestAPICallExample (3)
A1: Variable Set [ Name:%url To:http://IPADDRESS:8123 Recurse Variables:Off Do Maths:Off Append:Off ]
A2: Variable Set [ Name:%path To:/api/services/script/turn_on Recurse Variables:Off Do Maths:Off Append:Off ]
A3: Variable Set [ Name:%entityname To:script.name_of_script Recurse Variables:Off Do Maths:Off Append:Off ]
A4: Variable Set [ Name:%token To:Bearer ABCDEFGHIJKLMNO Recurse Variables:Off Do Maths:Off Append:Off ]
A5: JavaScriptlet [ Code:var uri = url+path;
var data = {entity_id: entityname};
var xhttp = new XMLHttpRequest();
xhttp.open( “POST”, uri, false );
xhttp.setRequestHeader(‘Authorization’, token); xhttp.setRequestHeader(‘Content-Type’, ‘application/json’); xhttp.send(JSON.stringify(data));
var rtresponse = xhttp.response;
var rtcode = xhttp.status; Libraries: Auto Exit:On Timeout (Seconds):10 ]

6 Likes

I tried your task (with my url and entityname) and I received a response code 401. The same token works with HA Client.

@TazUk
Thanks for this info and the example! :+1: I’m all for performing actions natively with Tasker whenever possible (more moving parts always complicates things). I imported your example, tweaked the variables for use in my setup and it works perfectly!

Thanks again for taking the time to post this! :smile:

2 Likes

Bieniu:
Status code 401 indicates unauthorized, indicating an issue with the %token variable in your version.
Did you retain the "Bearer " prefix?

Yes “Bearer” prefix was a solution. Thanks.

well done! but howto update a sensor with that command?

In the past i tracked my battery level with a json payload like

{"state":"%BATT", "attributes": {"friendly_name": "cellular batt", "icon":"mdi:cellphone","unit_of_measurement":"%"}}

My example calls a script that sets a boolean, triggering an automation.
The developer docs https://developers.home-assistant.io/docs/en/external_api_rest.html cover passing JSON data as a parameter.

You should be able to modify my example accordingly. I’m still in the process of building out the infrastructure and will not get to additional RestAPI use until the subscription Cloud connection comes online

Someone can give simple example of the usage including all parameters…

i could not get this to work…

@poratnir This can be also done with webhooks and without tasker plugin “RESTask”. Pictures are from RESTask. For testing and running from RESTask own play button, replace the “%HA_token” with your actual token.

I have found that webooks are, by far, the easiest to use in most scenarios.

This post by @masterkenobi is what helped me get it working.

I have also attached some Tasker examples. You will need to create two variables and for my examples to work,%HASSIO_SERVER and %WEBHOOK_ID
where:
%HASSIO_SERVER = https://yourdomain.duckdns.org
and
%WEBHOOK_ID = same_string_as_“webhook_id:”_in_the_automation

Pro tip 1: webhooks don’t require authentication so use a very hard to guess string for webhook_id (mine are 100 character randomly generated strings)
Pro tip 2: don’t use # or % in the webhook_id (Home Assistant doesn’t like # and Tasker doesn’t like %)

Obviously, you will also need to change the entries in the examples to reference items that exist in your Home Assistant environment. Hope these help. :grin:

Webhook_Automation.tsk.xml (1.7 KB)
Webhook_Command.tsk.xml (2.2 KB)
Webhook_Scene.tsk.xml (1.6 KB)
Webhook_Script.tsk.xml (1.6 KB)

Hey
thanks for assisting …tasker is just plug in …
how to activate it?