Unable to use the 2FA

[Bapth-R]

Hello,

I'm trying to use the 2FA authentication to be able to access to my Blink camera. Unfortunately, even if the login requests work (POST /api/v5/account/login), I'm not able to finalise the authentication. I explain myself : After this request, I'm receiving a SMS with the code but when I ran the curl command : curl --request POST \ --url https://rest-prod.immedia-semi.com/api/v4/account/111111/client/222222/pin/verify \ --header 'content-type: application/json' \ --header 'token-auth: {TOKENTOKEN}' \ --data '{"pin":"111111"}'

I've got this error message : {"message":"Unauthorized Access","code":101}

Do you have an idea to resolve this problem ?

Thanks :)

[AMP3D]

I'm having the same problem. When looking at the blinkpy repo, I notice they're using TOKEN_AUTH with an underscore instead of a dash, but even that doesn't work for me. I tried sending the pin as an integer instead of a json string and that fails as well.

[JasonBSteele]

It works for me. Perhaps the quotes around the pin number are the problem?

[AMP3D]

It works for me. Perhaps the quotes around the pin number are the problem?

Would you mind pasting in your method (with the pin and token omitted of course)? That would help us narrow down what we're doing wrong.

In my case I tried without the quotes as well and same issue. I'm using Postman, but here's what the CURL version looks like when exported:

curl --location --request POST 'https://rest-prod.immedia-semi.com/api/v4/account/12345/client/67890/pin/verify' 
--header 'token-auth: 123456789'
--header 'Content-Type: application/json' 
--data-raw '{
    "pin": 123456789
}'

[JasonBSteele]

I'm using Postman too, but this is the exported curl

curl --location --request POST 'https://rest-e002.immedia-semi.com/api/v4/account/11111/client/22222/pin/verify'
--header 'token-auth: xxxxxxxxxxxxxxxxx'
--header 'Content-Type: application/json'
--data-raw '{ "pin": 1111111 }'

Looks like it could be the URL. You need to use the tier returned from the initial login.

[AMP3D]

Ah the URL was the issue, thanks @JasonBSteele !

[agavrel]

Thanks a lot @JasonBSteele

For those using Postman:

Login

GET https://rest-prod.immedia-semi.com/api/v5/account/login

Body (raw->json):

{
    "email" : "<your email>",
    "password" : "<your PW>"
}

Tests:

var jsonData = JSON.parse(responseBody);
pm.environment.set("accountId", jsonData["account"]["account_id"]);
pm.environment.set("clientId", jsonData["account"]["client_id"]);
pm.environment.set("userId", jsonData["account"]["user_id"]);
pm.environment.set("access_token", jsonData["auth"]["token"]);
pm.environment.set("tier", jsonData["account"]["tier"]);

Verify PIN

POSThttps://rest-{{tier}}.immedia-semi.com/api/v4/account/{{accountId}}/client/{{clientId}}/pin/verify

Body (raw->json):

{"pin": <your pin>}

Header:

Content-type: application/json
token-auth: {{access_token}}

[agavrel]

@JasonBSteele would you mind sharing your request for liveview? Mine is not working

[clipod]

Thanks a lot @JasonBSteele

For those using Postman:

Login

GET https://rest-prod.immedia-semi.com/api/v5/account/login

Body (raw->json):

{
    "email" : "<your email>",
    "password" : "<your PW>"
}

Tests:

var jsonData = JSON.parse(responseBody);
pm.environment.set("accountId", jsonData["account"]["account_id"]);
pm.environment.set("clientId", jsonData["account"]["client_id"]);
pm.environment.set("userId", jsonData["account"]["user_id"]);
pm.environment.set("access_token", jsonData["auth"]["token"]);
pm.environment.set("tier", jsonData["account"]["tier"]);

Verify PIN

POSThttps://rest-{{tier}}.immedia-semi.com/api/v4/account/{{accountId}}/client/{{clientId}}/pin/verify

Body (raw->json):

{"pin": <your pin>}

Header:

Content-type: application/json
token-auth: {{access_token}}

The login is not a GET. Its a POST.