{"message":"An app update is required"}

[3rdStng]

I know that another variant of the above message was resolved with the new API URL string. I've written my own shell script to use on my Vera controller. It will successfully arm and disarm, and enable/disable each camera. However I cannot get the listing of the cameras linked to my account anymore. The URL that is noted: https://rest.prod.immedia-semi.com/network/*network_id*/cameras returns the message that an update is required. Command: curl -H "Host: prod.immedia-semi.com" -H "TOKEN_AUTH: authtoken from login" --compressed https://rest.prod.immedia-semi.com/network/*network_id*/cameras

1. Anyone know if there a new URL that I can use to list my cameras?
2. Is there a way to determine what ID's are linked to my cameras? The 9 digit code inside the camera is not the Camera ID.

[maoshouse]

I've been playing around with the endpoints (urls) lately. The video endpoints listed in the Readme seem to be mostly broken, though you can still enumerate most if not all the videos in your account via:

https://rest.prod.immedia-semi.com/api/v1/accounts/{accountId}/media/changed?since=YYYY-MM-DDTHH:MM:SS&page={page_token}

Now to get your account id, you can actually do

GET https://rest.prod.immedia-semi.com/networks

The response body has a networks list of network objects, which include members id, for your network_id and account_id

I haven't dug much deeper, but the v1 endpoint I mentioned earlier's response body for each and every one of the videos is quite verbose, which has information in regards to the video itself, thumbnail, camera, network id, etc.

give it a go.

@MattTW, I'm quite new to the whole REST API thing, was wondering if you could point me towards how you discovered the API endpoints? I'd like to take a crack at this myself too :)

[stuieordie]

@MattTW, I'm quite new to the whole REST API thing, was wondering if you could point me towards how you discovered the API endpoints? I'd like to take a crack at this myself too :)

I was curious about how this was done as well. My thought is that you could run a packet capture on your network while using the official client, this would get you at least the endpoints that are being called. In order to see the headers and body you'd have to decrypt the messages somehow.

[nutkracker]

Install https://www.charlesproxy.com on your computer, install the SSL cert on your phone... connect your phone to your computer (it acts as a proxy to the internet), Charles will decrypt the traffic... sniff away!

[Framnk]

@3rdStng Don't know if you ever figured this out (or gave up) but I was able to get a list of cameras and their IDs using the 'Homescreen' REST API:

/api/v3/accounts//homescreen

[3rdStng]

Thank you. I ultimately gave up and just Armed and Disarmed the entire system. It works for my vacation home as the cameras should either be on or off. There's no need for individual camera control like I have at my primary residence. But should I add more cameras at home, I now know how to get the camera ID.

[MattTW]

@maoshouse @stuieordie (better late than never maybe, sorry) - as @nutkracker indicated, the trick to tracing these calls is to do a man-in-the-middle attack, but you are the man in the middle snooping, so it is okay. :) On a Mac, I currently use a tool called Proxyman which is a nicely done tool. Then on my iPhone I set the HTTP proxy for the WiFi connection settings to point to my Mac's IP on the port where Proxyman is listening. You also have to set up the Proxyman SSL cert and have it be trusted on the Mac as well as on the phone. Proxyman has pretty good doc to walk through those steps. Then the iPhone will send HTTP/S calls to Proxyman, itwill trust things when is connecting to Proxyman, Proxyman it can decrypt and display the call contents, then pass the original call along to Blink.