Make selected Loxone virtual inputs securely available to any service that can send http requests.
- HTTPS encryption (LetsEncrypt)
- AuthKey authorization
Many services that you might want to integrate with your Loxone system are able to send HTTP requests. The Loxone Miniserver is able to accept HTTP requests but you cannot use it for most services because you need to use a complex encryption method that no service I know supports (except services provided by Loxone) or you need to use an unsafe connection method. Loxone is working on implementing a more standard authentication method (JSON Web Tokens) but even if JWT are implemented, I doubt that this will be supported by many services.
| Connection method | Usability |
|---|---|
| Unencrypted with Basic Auth | Because Basic Auth does not provide confidentiality it is not secure to use it on the public internet |
| Encrypted with custom encryption | No service I know supports it. |
| JSON Web Tokens | Not yet fully implemented / not supported by many services |
Loxwebhook runs on a separate server (a very low level device like a Raspberry Pi is more than sufficient) to offload the http encryption, protect the Miniserver against DOS attacks (rate limit the requests) and adds an authentication layer based on authKeys to authorize request.
Loxwebhook is stable and works for me since end of 2018 without problems.
I use it to connect IFTTT and Loxone. So I am very certain I will actively maintain Loxwebhook as long as Loxone does not offer a build in IFTTT integration.
If you find something that is not working like expected, don't hesitate to create a github issue.