Credential Tool: Error while checking user account. Status Code: 400 #196
Comments
|
I'm seeing this as well, but receiving a 401 instead of a 400. |
|
mine now has a 401 as well |
|
My error is: Country code: "DE" "Error while checking user account. Status Code: 401" |
|
Same here. Runing on a Raspberry Pi with arm64. It comes in step2 after enter the account password and secure code from email. EDIT: I changed my password of the Dyson Account and drag the new password in the credencials tool. It works directly. |
|
Same issue, getting "Error while checking user account. Status Code: 401" |
|
I'm getting the same issue. Country: AU "Error while checking user account. Status Code: 401" EDIT: I re-installed the plugin and started the config fresh and it worked. |
|
This plugin just became unusable as it gives error 401 on any device, container or browser. Even after reinstall and reboot. Can we fix this? |
|
Also seeing Error Code: 401 Got it working!
|
|
I have the same issue 400 error on step 1 after enter email and country. Please help |
|
The solution is one post above yours from jflow |
|
Hi, Not using this project but a customised version of libpurecool https://github.com/qdel/libpurecool. But anyway, i face the same problem and would be happy to share thougts. In my version, i call this query daily. And i put in cache all queries. (as the device credentials seems not to move...) And this is where the fun starts:
This call does not meet 401 anymore but 200. The app is, maybe, making another call or transfering data allowing the webservices to be authorized. |
This did not work for me. I am now back to the 400 response instead of the 401. |
This also worked for me! |
Worked for me also! |
I was getting the 400 response also - found that I actually had to type "US" into the country field, even though "US" appeared in it as a default value. |
This doesn't work me. I am running homebridge on mac and it still shows 401 |
That was the issue for me too. Didn't realize you needed to manually type in the country field. |
|
Just wanted to comment in case anyone else finds this. Originally I didn't enter the "US" code in the first line of the credential page at I kept receiving the same What eventually worked was:
Not sure if the VPN helped or not, but wanted to mention in case anyone else is having difficulties. Good luck! |
|
I've changed the placeholder to "XX" instead of "US" in version 2.3.2, so that people do not mistake it for a prefilled value. |
|
I can't seem to get anything other than an instant Any additional guidance, like turning on logging for this plugin? I am a developer, and would be happy to submit a PR with a fix, if there is one. |
This worked for me! |
|
Is there a fix for this at all? 401 every day, all day. |
I ended up going through the code and manually making all the API calls using Postman, and then using a little of the javascript code to get the local device key. |
It's honestly so broken I just gave up and went back to my old plugin dyson link. Works immediately. |
|
Same issue here, I always get 401. |
Solution / Workaroundgit clone https://github.com/shenxn/libdyson.git
cd libdyson/
pip3 install -r requirements.txt
python3 get_devices.pyThen manually create the base64 encoded JSON object that this project expects. const deviceBody = {}
deviceBody.password = 'take result from Credential and write it here'
deviceBody.Name = 'Bedroom'
deviceBody.Serial = 'VS5-CA-XXXXXXXX'
deviceBody.ProductType = '438'
deviceBody.Version = 'ECG2PF.02.06.003.0002'
console.log(btoa(JSON.stringify(deviceBody))) |
|
I was getting HTTP 400 back from both this and the libdyson tool at the command line, until I realised copying the OTP from the email was coming with a leading space. Making sure the leading space was removed when pasting in to the OTP field made it work. |
Hi, I've got all the results from Postman, but I have no clue to extract the local device key from the localcredentials, can you share the javascript code? Thank you |
|
This also no longer works for me as of May 2023.
I finally got the credentials after days of 401. gh repo clone libdyson-wg/libdyson-neon
cd libdyson-neon/
pip3 install -r requirements.txt
python get_devices.pyGot the creds 🙏🏻 |
Hmm but they are not working :( I even debugged the {
"Serial": "A1F-AU-xxxxxxxx",
"Name": "Bedroom",
"Version": "ECG2PF.30.06.003.0002",
"LocalCredentials": "xxx",
"AutoUpdate": true,
"NewVersionAvailable": false,
"ProductType": "527",
"ConnectionType": "wss"
}
So I'm guessing the credentials object this plugin is expecting is more than just the decrytpted password. |
|
Hi there, I'm the (new) core maintainer of https://github.com/libdyson-wg/libdyson-neon. I can try to shed some light on the core 2fa authentication issue here, although I'm not sure about the specific credentials comment that I was pinged on. I reverse-engineered the Android app to find out how it's able to work without the logout-workaround we're all stuck with. Turns out the Dyson App API has what I'm calling an "App Provisioning Step" which has caused the core issue here. It doesn't seem to be specifically intended as a security feature, but it does impact authorization against the App API. There's an API endpoint on a "provisioningservice" path that we need to call before calling other endpoints. The return value is not needed, and we don't need to save any cookies or session tokens. It seems like the API Server sets some internal flag allowing API Calls from a specific address based solely on this endpoint being called. It returns a version number in a json-encoded string: The endpoint I used to fix the logout workaround in libdyson-neon is It's super easy to implement a solution. I'll be happy to raise a PR if that's preferred. Or if the maintainers here would like to do it themselves, feel free to take inspiration from how I solved this issue in libdyson: |
|
Hey @dotvezz - sorry maybe I shouldn't have pinged you. Just wanted to note that out of all the flows and libs to try and get credentials, yours was the only one that worked. However the credentials generated for this project are not the credentials returned by your library (encoded device password), but the base64 encoded The flow on this project would not work with the new Dyson email MFA no matter what I did. Essentially printing the final credentials object needed by this project by using the API bearer token I was able to get from your project. I just ended up using a combination of a fork of your code, and some of the code from this repo to generate the credentials object needed for this Homebridge Plugin installation. My results 👉🏻 https://github.com/lantrix/homebridge-dyson-pure-cool-credentials-generator There are a lot of other users of this project (which I'm just an end user of) who seem to have the 401 auth issue with this app using its built in credentials-generator-website.js. For example #279 and #301 I'm sure the project creator @lukasroegner would welcome a PR to fix issues with the new (annoying) Dyson email based 2FA.
|
|
|
and others
Trying this plugin for first time.
Dyson account is setup.
Logged out of app and logged in with email/password/code-from-email
Using the credential app on port 48000
Enter US and my email and get
Error while checking user account. Status Code: 400
Ideas? Is Dyson blocking this plugin?
The text was updated successfully, but these errors were encountered: