How to execute API commands via HTTP API?

Discussions about RaZberry - Z-Wave board for Raspberry computer
Post Reply
golaonline
Posts: 19
Joined: 16 Dec 2015 21:59

How to execute API commands via HTTP API?

Post by golaonline » 15 Dec 2016 04:07

All,

Anyone knows or has done it. I know it can be done as per the sample given inside the network, but how do you execute such commands via outside access via find.z-wave.me?

Sample I am aware of is curl -v -u admin:admin 192.168.0.62:8083/ZAutomation/api/v1/devices/ZWayVDev_zway_6-0-37/command/on

from the docs at http://razberry.zwave.me/index.php?id=13

kWave
Posts: 21
Joined: 11 Dec 2016 00:02

Re: How to execute API commands via HTTP API?

Post by kWave » 21 Dec 2016 01:48

You could open the port 8083 in your Router and direct it to your Controller, but i would not recommend this in terms of security.

golaonline
Posts: 19
Joined: 16 Dec 2015 21:59

Re: How to execute API commands via HTTP API?

Post by golaonline » 03 Jan 2017 22:36

I am looking at an option that's safe and secure. I do understand that there are some cookies being returned with header 'ZBW-SESSID', but I am trying to see how I can replicate with my own code, I have had no luck getting these returned, when I try to make a call to login via find.z-wave.me. Calling APIs locally with internal IPs works as expected.

Thanks,

Provo
Posts: 112
Joined: 19 Oct 2016 19:54

Re: How to execute API commands via HTTP API?

Post by Provo » 04 Jan 2017 10:45

This doesn't answer your question completely, but if you go to find.z-wave.me in your web browser, enter your Razberry ID and password, and then log in to your z-way system, the API is available like normal, simply by using the address bar and URLs like https://find.z-wave.me/ZAutomation/api/ ... command/on. So I guess it should work if you do this remote id login process with Curl and save the cookies to preserve the session id and everything needed for the service to know to which Razberry it should connect. If find.z-wave.me doesn't support passing on basic auth, you would have to do the login process with Curl and save the cookies for this as well. There is an example here, which you might be able to modify for your needs: http://razberry.z-wave.me/index.php?id=13

Sparkacus
Posts: 24
Joined: 26 Nov 2015 16:19

Re: How to execute API commands via HTTP API?

Post by Sparkacus » 24 Mar 2017 12:38

I too am looking for a solution that would allow a 3rd party to communicate with a z-way controller via the Z-WAY API, without having to touch router configurations.

I've designed an app that will work with virtual assistants such as Alexa, but the only way my app will work at the moment is for a user to store their Z-WAY username/pass on my app, open up their router to allow access from my server before this will work, which for obvious reasons is not good - https://forum.z-wave.me/viewtopic.php?f=3419&t=24642

Even if I could get this to work with the find.z-wave.me service, I'd still need to store user credentials.

I could look into developing a client web socket module for Z-WAY, which then authenticates with my app and relays commands which then would allow the user to store the Z-WAY user credentials locally, but this is complicated and I'd rather not look into it if there are already plans in place for a more secure remote service to interact with 3rd party apps.

I don't suppose the administrators could offer some advice please?

User avatar
PoltoS
Posts: 5376
Joined: 26 Jan 2011 19:36

Re: How to execute API commands via HTTP API?

Post by PoltoS » 26 Mar 2017 02:07

I don't really get what you want. You want to use find.z-wave.me remote access but don't want to store user credentials? How do you want to authenticate then? Using a token?

ZBW-SESSID is the token you need. You can pass it via cookie or via header - does not matter. This is to pass find.z-wave.me.

Also you need Z-Way token to auth on Z-Way itself. This one can also come via header or cookie

But both are temporarily sessions. Making them permanent is pretty same as to store user name and password

Post Reply