Tesla authentication fails

[michis0806]

The problem

My Tesla-integration stopped working yesterday without any changes on the Tesla-accout or the home assistant integration.

What is version of Home Assistant Core has the issue?

core-2021.8.2

What was the last working version of Home Assistant Core?

core-2021.8.2

What type of installation are you running?

Home Assistant Container

Integration causing the issue

Tesla

Link to integration documentation on our website

https://www.home-assistant.io/integrations/tesla/

Example YAML snippet

No response

Anything in the logs that might be useful for us?

Logger: homeassistant.components.tesla.config_flow
Source: components/tesla/config_flow.py:172 
Integration: Tesla (documentation, issues) 
First occurred: 22:46:12 (1 occurrences) 
Last logged: 22:46:12

Authentication error: Unable to login with credentials

Additional information

credentials are working on tesla.com. I tried to uninstall integration, restart home assistant, re-install integration. Error occurs again.

[probot-home-assistant]

Hey there @zabuldon, @alandtse, mind taking a look at this issue as it has been labeled with an integration (tesla) you are listed as a code owner for? Thanks!
_{^{(message by CodeOwnersMention)}}

---

tesla documentation
tesla source
_{^{(message by IssueLinks)}}

[umrath]

Same here.
I cannot login with any account, no matter whether it has 2fa enabled or not.

[dieselrabbit]

Just updated to core-2021.8.2 and now seeing the same.

[ideal2545]

Same here as well, just tried it after enabling 2FA and no go.

[alandtse]

The "me too posts" clutters the thread. Please +1 the original post if you are having this issue.

That said, I will not be working on this for reasons described here.

Alternatively, someone posted a workaround for advanced users who want to manually log in and copy their tokens over. Modifying .storage directly is not recommended so proceed with caution.

[skrenes]

It seems every other time I upgrade HA, the Tesla integration breaks :-/

[rubin110]

I'm on core-2021.8.3 and still hitting it. Debug log, sanitized anything that looked like a UUID or a token.

2021-08-07 10:51:00 DEBUG (MainThread) [teslajsonpy.connection] Attempt #1
2021-08-07 10:51:00 DEBUG (MainThread) [httpx._client] HTTP Request: POST https://auth.tesla.com/oauth2/v3/authorize?client_id=ownerapi&code_challenge=SANITIZE&code_challenge_method=S256&redirect_uri=https://auth.tesla.com/void/callback&response_type=code&scope=openid+email+offline_access&state=SANITIZE "HTTP/1.1 200 OK"
2021-08-07 10:51:00 DEBUG (MainThread) [teslajsonpy.connection] POST:
https://auth.tesla.com/oauth2/v3/authorize?client_id=ownerapi&code_challenge=SANITIZE&code_challenge_method=S256&redirect_uri=https://auth.tesla.com/void/callback&response_type=code&scope=openid+email+offline_access&state=SANITIZE with
Headers({'host': 'auth.tesla.com', 'accept': '*/*', 'accept-encoding': 'gzip, deflate', 'connection': 'keep-alive', 'user-agent': 'HomeAssistant/2021.8.3 httpx/0.18.2 Python/3.9', 'cookie': '_abck=SANITIZE; ak_bmsc=SANITIZE; bm_sv=SANITIZE=; bm_sz=SANITIZE; tesla-auth.sid=sSANITIZE', 'content-length': '178', 'content-type': 'application/x-www-form-urlencoded'})
 returned 200:OK with response Headers([('content-type', 'text/html; charset=utf-8'), ('x-dns-prefetch-control', 'off'), ('x-frame-options', 'DENY'), ('strict-transport-security', 'max-age=15552000; includeSubDomains'), ('x-download-options', 'noopen'), ('x-content-type-options', 'nosniff'), ('x-xss-protection', '1; mode=block'), ('x-request-id', 'SANITIZE'), ('x-correlation-id', 'SANITIZE'), ('cache-control', 'no-store'), ('content-security-policy', "connect-src 'self'; default-src 'none'; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.google.com www.recaptcha.net; img-src 'self' data:; script-src www.recaptcha.net 'self' 'nonce-SANITIZE'; style-src 'unsafe-inline' 'self'"), ('x-content-security-policy', "connect-src 'self'; default-src 'none'; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.google.com www.recaptcha.net; img-src 'self' data:; script-src www.recaptcha.net 'self' 'nonce-SANITIZE'; style-src 'unsafe-inline' 'self'"), ('x-webkit-csp', "connect-src 'self'; default-src 'none'; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.google.com www.recaptcha.net; img-src 'self' data:; script-src www.recaptcha.net 'self' 'nonce-SANITIZE'; style-src 'unsafe-inline' 'self'"), ('etag', 'SANITIZE"'), ('x-response-time', '27.014ms'), ('content-encoding', 'gzip'), ('x-edgeconnect-midmile-rtt', '52'), ('x-edgeconnect-origin-mex-latency', '82'), ('originip', 'SANITIZE'), ('x-akamai-transformed', '9 6118 0 pmb=mTOE,1'), ('date', 'Sat, 07 Aug 2021 17:51:00 GMT'), ('content-length', '5949'), ('connection', 'keep-alive'), ('vary', 'Accept-Encoding'), ('set-cookie', 'tesla-auth.sid=sSANITIZE; Path=/; Expires=Tue, 10 Aug 2021 17:51:00 GMT; HttpOnly; Secure; SameSite=Lax'), ('origin_hostname', 'auth.tesla.com'), ('permissions-policy', 'interest-cohort=()'), ('set-cookie', 'bm_sv=SANITIZE=; Domain=.tesla.com; Path=/; Max-Age=7197; HttpOnly')])

The response looks like a captcha.

[niemyjski]

Still an issue with 2021.8.4

[anhaff]

It seems every other time I upgrade HA, the Tesla integration breaks :-/

And it is strange that other API-users seem not to have so many problems - tibber for instance. https://support.tibber.com/en/articles/4408566-smart-charging-explained

[rubin110]

I use an app called A Better Routeplanner to plan out multi waypoint trips with my car. It offers to poll data from the car through the Tesla API in order to adjust estimations and when to charge the car where.

Anyhow, I noticed the other day it wasn't providing live data anymore, and just now had time to investigate. This is the screen I would typically type in my Tesla account credentials in order for their service to gain a token from Tesla, I don't remember there being a captcha here before.

So I'm guessing their API is requiring captcha completion for some (not all) of the logins, and the HA integration isn't setup to deal with that usecase?

[alandtse]

So I'm guessing their API is requiring captcha completion for some (not all) of the logins, and the HA integration isn't setup to deal with that usecase?

Correct. That is the cause.

[MrPaulAR]

It would be nice if we could be given the option to provide an API token instead of user/pass[/mfa].

Not sure if that would fix the problem.

[rubin110]

Do a search for tesla in /hass/homeassistant/.storage/core.config_entries. Though I'm not sure if this entry is related to the older version of the extension prior to the auth change. I'll give it a try later this evening and see if sticking my keys in here work.

[k-korn]

Workaround for TeslaFi users (or the ones who can obtain auth keys from other similar service):

• Go to TeslaFi "Settings - Tesla Account - Generate new token"
• Select " Display Token:" on that page
• Enter Tesla credentials and captcha
• On the result page, save "New Refresh Token" (the long one) and "New Token" (starts with qts- usually)
• stop Home Assistant
• Open < Hass Config Dir >/.storage/core.config_entries
• Find entry with domain": "tesla"
• Replace data/token with "New Refresh Token" and data/access_token with "New Token" from above.
• Add "expiration": 1828416519 at the same level (or use another future UnixTime entry)

The result will look like this:

            {
                "entry_id": "f0a8a...51fdb",
                "version": 1,
                "domain": "tesla",
                "title": "[email protected]",
                "data": {
                    "token": " < New Refresh Token from TeslaFi>",
                    "access_token": "<New Token>",
                    "username": "[email protected]",
                    "password": "well,yeah",
                    "expiration": 1828416519
                },

• Start Home Assistant. It will be able to get data until the token expires (month or so)

[BreakingBread0]

It would be nice if we could be given the option to provide an API token instead of user/pass[/mfa].

Not sure if that would fix the problem.

Please test this branch to log in with your tesla refresh and access tokens. (Username = refresh token, Password = access token). Use this app to obtain both of those tokens. If that works I will create a new config flow option to use your refresh token to login. (The access token can be generated by itself once this fix gets merged to teslajsonpy)

Keep in mind that this is not a fix for production use, this is just for texting and WILL break.

[rasssta]

It would be nice if we could be given the option to provide an API token instead of user/pass[/mfa].
Not sure if that would fix the problem.

Please test this branch to log in with your tesla refresh and access tokens. (Username = refresh token, Password = access token). Use this app to obtain both of those tokens. If that works I will create a new config flow option to use your refresh token to login. (The access token can be generated by itself once this fix gets merged to teslajsonpy)

I was able to authenticate and add the car to HASS again. But I get an error when it tries to fetch actual data it seems.

2021-08-09 19:37:12 ERROR (MainThread) [homeassistant.components.tesla] Error fetching tesla data: Error communicating with API:

All sensors are unavailable.

[BreakingBread0]

It would be nice if we could be given the option to provide an API token instead of user/pass[/mfa].
Not sure if that would fix the problem.

Please test this branch to log in with your tesla refresh and access tokens. (Username = refresh token, Password = access token). Use this app to obtain both of those tokens. If that works I will create a new config flow option to use your refresh token to login. (The access token can be generated by itself once this fix gets merged to teslajsonpy)

I was able to authenticate and add the car to HASS again. But I get an error when it tries to fetch actual data it seems.

2021-08-09 19:37:12 ERROR (MainThread) [homeassistant.components.tesla] Error fetching tesla data: Error communicating with API:

All sensors are unavailable.

Expected as much, this was just for testing. Ill be pushing a change on there that should allow it to work past the initial setup phase today or tomorrow.

[rasssta]

Workaround for TeslaFi users (or the ones who can obtain auth keys from other similar service):

• Go to TeslaFi "Settings - Tesla Account - Generate new token"
• Select " Display Token:" on that page
• Enter Tesla credentials and captcha
• On the result page, save "New Refresh Token" (the long one) and "New Token" (starts with qts- usually)
• stop Home Assistant
• Open < Hass Config Dir >/.storage/core.config_entries
• Find entry with domain": "tesla"
• Replace data/token with "New Refresh Token" and data/access_token with "New Token" from above.
• Add "expiration": 1828416519 at the same level (or use another future UnixTime entry)

The result will look like this:

            {
                "entry_id": "f0a8a...51fdb",
                "version": 1,
                "domain": "tesla",
                "title": "[email protected]",
                "data": {
                    "token": " < New Refresh Token from TeslaFi>",
                    "access_token": "<New Token>",
                    "username": "[email protected]",
                    "password": "well,yeah",
                    "expiration": 1828416519
                },

• Start Home Assistant. It will be able to get data until the token expires (month or so)

Thanks, worked fine!

[rubin110]

Just so I can wrap my head around how the SSO refresh token. If the token is cycled by a different client hitting the endpoint with the same token as what's entered in HA, will HA be able to roll the token forward itself too?

[wbradmoore]

Workaround for TeslaFi users (or the ones who can obtain auth keys from other similar service):

* Go to TeslaFi "Settings - Tesla Account - Generate new token"

* Select " Display Token:" on that page

* Enter Tesla credentials and captcha

* On the result page, save "New Refresh Token" (the long one) and "New Token" (starts with qts- usually)

* stop Home Assistant

* Open < Hass Config Dir >/.storage/core.config_entries

* Find entry with domain": "tesla"

* Replace data/token with "New Refresh Token" and data/access_token with "New Token" from above.

* Add "expiration": 1828416519 at the same level (or use another future UnixTime entry)

The result will look like this:

            {
                "entry_id": "f0a8a...51fdb",
                "version": 1,
                "domain": "tesla",
                "title": "[email protected]",
                "data": {
                    "token": " < New Refresh Token from TeslaFi>",
                    "access_token": "<New Token>",
                    "username": "[email protected]",
                    "password": "well,yeah",
                    "expiration": 1828416519
                },

* Start Home Assistant. It will be able to get data until the token expires (month or so)

I guess this doesn't work if I've removed the integration already? I can't re-add it because it gives me the error upon attempting to do so.

[bdoooh]

Workaround for TeslaFi users (or the ones who can obtain auth keys from other similar service):

* Go to TeslaFi "Settings - Tesla Account - Generate new token"

* Select " Display Token:" on that page

* Enter Tesla credentials and captcha

* On the result page, save "New Refresh Token" (the long one) and "New Token" (starts with qts- usually)

* stop Home Assistant

* Open < Hass Config Dir >/.storage/core.config_entries

* Find entry with domain": "tesla"

* Replace data/token with "New Refresh Token" and data/access_token with "New Token" from above.

* Add "expiration": 1828416519 at the same level (or use another future UnixTime entry)

The result will look like this:

            {
                "entry_id": "f0a8a...51fdb",
                "version": 1,
                "domain": "tesla",
                "title": "[email protected]",
                "data": {
                    "token": " < New Refresh Token from TeslaFi>",
                    "access_token": "<New Token>",
                    "username": "[email protected]",
                    "password": "well,yeah",
                    "expiration": 1828416519
                },

* Start Home Assistant. It will be able to get data until the token expires (month or so)

I guess this doesn't work if I've removed the integration already? I can't re-add it because it gives me the error upon attempting to do so.

I went into my backups to retrieve an older version of core.config_entries and pasted the Tesla block in with the updated tokens from TeslaFi. Still didn't work for me. Getting the invalid config error still in the Tesla integration. But the integration DID show back up since I had removed it before.

[rubin110]

@bdoooh Did you push back the expiration time?

[bdoooh]

@bdoooh Did you push back the expiration time?

Yeah I input the expiration date in September specified in TeslaFi into the unix time converter and copied that value. I can double check & try again I guess.

Edit: Yeah I just checked the config_entries and this is what I have..

            {
             	"entry_id": "d48a....244",
                "version": 1,
                "domain": "tesla",
                "title": "xxxxxxxx",
                "data": {
                    "username": "xxxxxxxx",
                    "password": "xxxxxxxx",
                    "access_token": "qts-xxxxxxxx",
                    "token": "xxxxxxxx",
                    "expiration": 1631500149
                },
                "options": {
                    "scan_interval": 660
                },
                "pref_disable_new_entities": false,
                "pref_disable_polling": false,
                "source": "import",
                "unique_id": null,
                "disabled_by": null
            },

[mat1990dj]

I need this to be solved, all my automations are broken 😢

[rubin110]

@bdoooh I had botched up pasting my API keys on my first attempt. Try looking at your logs for any mention of tesla. You may need to change your default logging level to get more details.

@mat1990dj @denisjoshua : The workaround listed in this previous comment worked for me. You can grab your API keys from this app on Android, if you search around there's a similar app for iOS. If you know how to edit your configuration.yaml file directly on your HASS machine, you're capable of making this work around go in order to fix your crucial automations.

If you need a proper solution, feel free to fix the code and drop a pull request as per the guidelines of this open source project, or wait for a volunteer dev to get to this issue. Otherwise that workaround does indeed work.

[mat1990dj]

I don't know how to edit my configuration.yaml file directly on my HASS machine in my case

…

________________________________ De: Rubin Starset ***@***.***> Enviado: jueves, 12 de agosto de 2021 17:14 Para: home-assistant/core ***@***.***> Cc: mat1990dj ***@***.***>; Mention ***@***.***> Asunto: Re: [home-assistant/core] Tesla authentication fails (#54177) @bdoooh<https://github.com/bdoooh> I had botched up pasting my API keys on my first attempt. Try looking at your logs for any mention of tesla. You may need to change your default logging level<https://www.home-assistant.io/integrations/logger/#log-levels> to get more details. @mat1990dj<https://github.com/mat1990dj> @denisjoshua<https://github.com/denisjoshua> : The workaround listed in this previous comment<#54177 (comment)> worked for me. You can grab your API keys from this app on Android<https://play.google.com/store/apps/details?id=net.leveugle.teslatokens>, if you search around there's a similar app for iOS. If you know how to edit your configuration.yaml file directly on your HASS machine, you're capable of making this work around go in order to fix your crucial automations. If you need a proper solution, feel free to fix the code and drop a pull request as per the guidelines of this open source project<https://github.com/home-assistant/core/blob/master/CONTRIBUTING.md>, or wait for a volunteer dev to get to this issue. Otherwise that workaround does indeed work. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#54177 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABH2NW5G5C27DZ7WOWTDO3DT4PQOXANCNFSM5BWSWJZQ>. Triage notifications on the go with GitHub Mobile for iOS<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android<https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email>.

[Nicao]

Can maybe @frenck have some from HA core Team take a look at it and help? It seems there is no one capable to take over the role of code owner right now and code is broken for this official integration.

[focher]

For those interested in using Postman to obtain the access token and refresh token, you can follow this https://github.com/jdemeyer1/TeslaAPIThruPostman.

[ocalvo]

Seeing the same problem.
Can someone post a quick summary of the workaround?
I don't have TeslaFI

[john159753]

@Nicao I think that's because there is no "HA Core Team".... there are moderators who try to aim the efforts in the same direction, but this is oss, everyone is the team.

[frenck]

It wasn't an indirect "f*ck off" it was indirect "Not cool": You pulled me into a conversation. In general, it is unpolite to randomly mention someone and ask for support. This is also documented in our community guidelines.

I don't own a Tesla, nor have I any idea what is going on. Please don't tag/mention people @ random.

Thanks 👍

[zabuldon]

Hello guys,
As I can see there is a huge discussion around Tesla component. Let me explain why I'm not contributing this anymore.
I don't have Tesla anymore, so it is not easy to support this whiothout having a cat, so if someone ready to help with troubleshooting I can spend some time to work on the integration again, but I'm not sure if that issue not occurs again in the future. Ideal solution in this case to find out a new maintainer.

[denisjoshua]

I don't know why... but I was sure that you wasn't send an indirect "f*ck off" :-)
We all wait that someone will save us and save all automatism that use this integration.

Thanks all
Denis

[rubin110]

@zabuldon: Quality engineer here who can read logs and edit files. Happy to help test changes through the standard update process for HA, but due to work I don't have the spoons right now to build anything with patches and deploy onto my local instance.

Mostly I think just providing fields to enter in API tokens will give most of the commenters here a work around avenue to stop "me tooing" on this ticket. API tokens can be obtained through Tesla Tokens on Android and Auth app for Tesla on iOS, no fiddling with JSON required.

I don't understand how some of my other Tesla 3rd party tools sidestep captcha, I believe Teslamate is in that bucket but I could be wrong.

One major problem with the HA's Tesla integration (and many many other 3rd party integrations) is the refresh rate constantly waking up the car which turns into a vampire drain on the battery over night, as described in the docs. Teslamate is very intelligent on when it should or shouldn't pole data in order to avoid vampire drain, and even documents how it should be used in parallel with the HA Tesla integration (directing the use to extended out the wait before next refresh in HA). Would it be ok to edit the HA doc to provide a link to Teslamate's documentation regarding this to give the user another option?

[BreakingBread0]

Hello guys,
As I can see there is a huge discussion around Tesla component. Let me explain why I'm not contributing this anymore.
I don't have Tesla anymore, so it is not easy to support this whiothout having a cat, so if someone ready to help with troubleshooting I can spend some time to work on the integration again, but I'm not sure if that issue not occurs again in the future. Ideal solution in this case to find out a new maintainer.

I can take up being a maintainer for the Tesla integration, though I dont know how I would go on doing so. Also I am still on holiday so thatll have to wait a few more days / weeks.

[alandtse]

I don't have Tesla anymore, so it is not easy to support this whiothout having a cat, so if someone ready to help with troubleshooting I can spend some time to work on the integration again, but I'm not sure if that issue not occurs again in the future. Ideal solution in this case to find out a new maintainer.

Thanks @zabuldon for your help getting this integration started. Do you want to be removed from codeowners since it's hard for you to support it now? It also might help if people notice the list of owners has lost people. One thing that's been discussed is that HA could show the health of integrations by looking at number of active codeowners. I don't know what happened to that initiative though.

One major problem with the HA's Tesla integration (and many many other 3rd party integrations) is the refresh rate constantly waking up the car which turns into a vampire drain on the battery over night, as described in the docs. Teslamate is very intelligent on when it should or shouldn't pole data in order to avoid vampire drain, and even documents how it should be used in parallel with the HA Tesla integration (directing the use to extended out the wait before next refresh in HA). Would it be ok to edit the HA doc to provide a link to Teslamate's documentation regarding this to give the user another option?

Please open a new issue if you're having a problem and I can look at it. I spent a lot of time looking at the algorithm with other people and tested it across my own use case of 3 separate Teslas till we found 11 minute as a good sweet spot. I've also pushed individual users who want more frequent data precisely because I'm concerned about vampire drain for the majority of users. You're free to edit the documentation as you want to make it better since this is a community effort. I know at least one person who configured their HA to stop updates for a car if Teslamate indicated it was trying to let it sleep. But I don't use it so don't know the automation.

I can take up being a maintainer for the Tesla integration, though I dont know how I would go on doing so. Also I am still on holiday so thatll have to wait a few more days / weeks.

Welcome aboard @BreakingBread0 and thanks. As mentioned in teslajsonpy, I can push out your changes in that API pretty quickly and can help explain where I think you'll need changes. I will also review your changes here as that will also help unstick the PR queue. The complexity for the fix is the fact you'll need a process that will detect if the captcha shows up and also if the MFA shows up. I see it as at least 3 stages in the config flow, but you may be able to simplify it. I'm on the HA discord if you want to chat.

If you decide to avoid the login and just allow tokens, that may avoid the complexity as you have outsourced the login to the other apps but the PR may be rejected since no other integrations do that. It'd probably worth raising in Discord before you try the token method.

I would not suggest doing both methods unless you want to take on the complexity of two login paths.

[ocalvo]

@zabuldon: Quality engineer here who can read logs and edit files. Happy to help test changes through the standard update process for HA, but due to work I don't have the spoons right now to build anything with patches and deploy onto my local instance.

Mostly I think just providing fields to enter in API tokens will give most of the commenters here a work around avenue to stop "me tooing" on this ticket. API tokens can be obtained through Tesla Tokens on Android and Auth app for Tesla on iOS, no fiddling with JSON required.

I don't understand how some of my other Tesla 3rd party tools sidestep captcha, I believe Teslamate is in that bucket but I could be wrong.

One major problem with the HA's Tesla integration (and many many other 3rd party integrations) is the refresh rate constantly waking up the car which turns into a vampire drain on the battery over night, as described in the docs. Teslamate is very intelligent on when it should or shouldn't pole data in order to avoid vampire drain, and even documents how it should be used in parallel with the HA Tesla integration (directing the use to extended out the wait before next refresh in HA). Would it be ok to edit the HA doc to provide a link to Teslamate's documentation regarding this to give the user another option?

Thanks so much for the link to the Android app. I only changed the Refresh token and the date and now my integration is functional again.

[mat1990dj]

I've got one and I'm ready to help

…

________________________________ From: Alan Tse ***@***.***> Sent: Friday, August 27, 2021 1:44:40 AM To: home-assistant/core ***@***.***> Cc: mat1990dj ***@***.***>; Mention ***@***.***> Subject: Re: [home-assistant/core] Tesla authentication fails (#54177) I don't have Tesla anymore, so it is not easy to support this whiothout having a cat, so if someone ready to help with troubleshooting I can spend some time to work on the integration again, but I'm not sure if that issue not occurs again in the future. Ideal solution in this case to find out a new maintainer. Thanks @zabuldon<https://github.com/zabuldon> for your help getting this integration started. Do you want to be removed from codeowners since it's hard for you to support it now? It also might help if people notice the list of owners has lost people. One thing that's been discussed is that HA could show the health of integrations by looking at number of active codeowners. I don't know what happened to that initiative though. One major problem with the HA's Tesla integration (and many many other 3rd party integrations) is the refresh rate constantly waking up the car which turns into a vampire drain on the battery over night, as described<https://www.home-assistant.io/integrations/tesla/#potential-battery-impacts> in the docs. Teslamate is very intelligent on when it should or shouldn't pole data in order to avoid vampire drain, and even documents<https://docs.teslamate.org/docs/integrations/home_assistant/> how it should be used in parallel with the HA Tesla integration (directing the use to extended out the wait before next refresh in HA). Would it be ok to edit the HA doc to provide a link to Teslamate's documentation regarding this to give the user another option? Please open a new issue if you're having a problem and I can look at it. I spent a lot of time looking at the algorithm with other people and tested it across my own use case of 3 separate Teslas till we found 11 minute as a good sweet spot. I've also pushed individual users who want more frequent data precisely because I'm concerned about vampire drain for the majority of users. You're free to edit the documentation as you want to make it better since this is a community effort. I know at least one person who configured their HA to stop updates for a car if Teslamate indicated it was trying to let it sleep. But I don't use it so don't know the automation. I can take up being a maintainer for the Tesla integration, though I dont know how I would go on doing so. Also I am still on holiday so thatll have to wait a few more days / weeks. Welcome aboard @BreakingBread0<https://github.com/BreakingBread0> and thanks. As mentioned in teslajsonpy, I can push out your changes in that API pretty quickly and can help explain where I think you'll need changes. I will also review your changes here as that will also help unstick the PR queue. The complexity for the fix is the fact you'll need a process that will detect if the captcha shows up and also if the MFA shows up. I see it as at least 3 stages in the config flow, but you may be able to simplify it. I'm on the HA discord if you want to chat. If you decide to avoid the login and just allow tokens, that may avoid the complexity as you have outsourced the login to the other apps but the PR may be rejected since no other integrations do that. It'd probably worth raising in Discord before you try the token method. I would not suggest doing both methods unless you want to take on the complexity of two login paths. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#54177 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABH2NWZQXLVEPMEZPQSONGDT63GWRANCNFSM5BWSWJZQ>. Triage notifications on the go with GitHub Mobile for iOS<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.

[zabuldon]

Thanks @zabuldon for your help getting this integration started. Do you want to be removed from codeowners since it's hard for you to support it now? It also might help if people notice the list of owners has lost people. One thing that's been discussed is that HA could show the health of integrations by looking at number of active codeowners. I don't know what happened to that initiative though.

I don't think that it is necessary to remove myself from codeowners as sometimes I'm still checking issues and PRs.
Please drop me an email @mat1990dj if you ready to help

[focher]

To integrate the full captcha-based login to obtain a token, you are free to look at the Postman Collection I linked to above. It's another Github project and has all of the steps to connect to Tesla's authentication endpoint, generate the appropriate codes / strings, pull up the Tesla authentication UI with captcha, and obtain the access token and refresh token.

https://github.com/jdemeyer1/TeslaAPIThruPostman

[nemith]

Most of the Telsa integration in done via teslajsonpy library. The upstream issue is here: zabuldon/teslajsonpy#205

Switching auth to a refresh token should be pretty straight forward once/if zabuldon/teslajsonpy#211 is done. May be a good stop gap solution vs trying to get captcha auth going.

To get refresh tokens there are app available and this is how teslascope has changed their auth to support the captchas:
For iOS/M1 Macs: Auth app for Tesla
or Android: Tesla Tokens (or use another app on the Google Play Store)

As for supporting "two types of auth" they are really the same. The user/pass/mfa/captcha is just used to get the tokens for authenticating the rest of of the API calls. Providing one directly just bypasses that step.

I may try to get a development environment going and code it up as a POC.

[alandtse]

As for supporting "two types of auth" they are really the same. The user/pass/mfa/captcha is just used to get the tokens for authenticating the rest of of the API calls. Providing one directly just bypasses that step.

Thanks. I'm referring to the UI work to handle it in the config flow. You'd have a user name password flow that would have to handle MFA and captcha and a second flow to take the raw tokens. The token flow would be easier but it's also something to maintain separately in HA.

[omelhus]

I have this working as a custom component where I've just made password optional and added the refresh token as a fourth option in the config flow.

I've just published my custom component at https://github.com/omelhus/tesla_custom_component

[alandtse]

As an update, Tesla enabled recaptcha this weekend. This broke my custom component and likely will break it for many other implementations since it requires JavaScript parsing. The most likely solution is the token solution assuming there remains some apps able to generate the refresh token every 45 days.

EDIT: There's a workaround for my custom component so it's still a viable option if you understand how to edit your hosts file.

[skrenes]

Thanks for the update @alandtse. I wish Tesla would properly support third party applications.

[omelhus]

Maybe the config flow UI should be changed to only accept the refresh token then, as username and password is unlikely to ever work again?

[alandtse]

Maybe the config flow UI should be changed to only accept the refresh token then, as username and password is unlikely to ever work again?

That's probably the way forward at least in HA core. Since you have it basically done in your custom component code, do you want to just submit that PR? We'll probably want the setup screen to point to the documentation where it lists the known authenticator apps.

[omelhus]

Yep, I’ll see what I can do. 👍

[alandtse]

Sorry folks, Tesla is coming out of core. We'll need to maintain it as a custom component. For now, there's omelhus's version which requires a 3rd party app to generate tokens and mine which requires some hosts file editing as a workaround. I'll probably spend time this weekend getting it into the custom_components and HACS as a default.