Map Extractor quit working (Two factor authentication required)

[jscherry]

I've been successfully using the camera, map extractor, etc for over a year. It recently started giving me this error in the logs: This error originated from a custom integration.

Logger: custom_components.xiaomi_cloud_map_extractor.common.xiaomi_cloud_connector Source: custom_components/xiaomi_cloud_map_extractor/common/xiaomi_cloud_connector.py:86 Integration: xiaomi_cloud_map_extractor (documentation, issues) First occurred: 8:45:59 PM (1 occurrences) Last logged: 8:45:59 PM

Additional authentication required. Open following URL using device that has the same public IP, as your Home Assistant instance: https://account.xiaomi.com/identity/authStart?sid=passport&context=uTqPvO6apqW6eNzYVJGlecf1IdPlwCuf7s4kyGgAEEHJu8hAtr6hDE01YlWWNPJ1tlXWDxfLVW-XaF1FEclBzxl-WYSoMPDuPiSGPQu_kJfGzvjZ78EOMaHfXz9STWfcm2RxnfWkPN22ukly0MLQ-Q8YVb7lbyzW9ZiU7GNSlQGFHX1NKVBTa15-omitted last part for security

I pasted this address into a browser and it just came up "TIPS" on xiaomi help site?

Also the lovelace card reads: "two factor authentication required (see logs)" with this below: "Your camera entity is not providing calibration_points Enable calibration_points in camera entity or disable camera_calibration"

I had callibration points in my config so I removed it and am still getting the error and it won't load. Here's the config I'm using: camera:

• platform: xiaomi_cloud_map_extractor host: token: username: password:

I'm running

Host Operating System	Home Assistant OS 6.1
Update Channel	beta
Supervisor Version	supervisor-2021.06.8
Docker Version	20.10.6
Disk Total	113.9 GB
Disk Used	23.8 GB
Healthy	true
Supported	true
Board	odroid-n2
Supervisor API	ok
Version API	ok

Version	core-2021.7.2
Installation Type	Home Assistant OS
Development	false
Supervisor	true
Docker	true
Virtual Environment	false
Python Version	3.9.5
Operating System Family	Linux
Operating System Version	5.9.16
CPU Architecture	aarch64

Any help would be greatly appreciated. I just enabled info logging for the map extractor and will post the logs after reboot.

[PiotrMachowski]

You have to open provided link in your browser and follow steps described on the page. It is possible that your link has expired before you used it. You can use token extractor to generate a new one. You have to do it from a device that is in the same LAN as HA

[Tamsy]

I experienced exactly the same behavior like @jscherry with our two Roborock S5 Max today: All of a sudden the extracted maps for the vacuums didn't show up anymore with Lovelace but showing the pictures "two factor authentication required (see logs)" instead.

Using token extractor didn't bring up anything new: Nothing has changed but the tokens are exactly the same as they were before.

So I simply just restared Home Assistant and all went automagically back to good again: The maps incl. calibration points, zones etc. are showing again in Lovelace.

I don't know whether the culprit was with Xiaomi or HA.

[MadOtis]

I just experienced the exact same thing as the OP. I suspect Xiaomi is adding some sort of MFA to their servers. However, I noticed that my ISP's DHCP-issued IP address for my private network had changed between yesterday and today, so I wonder if that might have contributed to the sudden display of the error. A simple restart of HA didn't resolve the issue, but after doing a reboot of both my pfSense server and a physical reboot of my HA VM, it started working again.

[mkrasselt1]

For me The Problem exists on a per day Basis :/

[dbloom86]

I'm having the same issue since my HA instance froze yesterday. When trying to use token extractor to get the token. I get the exact same message. But I can log in to my Xiaomi Cloud account on the website without 2FA.

Edit: So I found this: After I reboot my HA instance and directly go to the logs, the same error message turns up. But if you open the link within like a minute or so, you actually get the option to do 2FA. However after I do that, it nicely shows "ok" on the site, but the map extractor is still not working.

Edit 2: Oh and reinstalling the map extractor doesn't make a difference either

Please assist.

[PiotrMachowski]

@dbloom86 Have you opened the links using a device that has the same public IP as your HA instance?

[dbloom86]

@PiotrMachowski yes I have. Like I said, I can do the 2FA authentication just fine. It just doesn't change the fact that the integration keeps coming back with the message and it doesn't show a map

[PiotrMachowski]

@dbloom86 try to follow these steps:

1. Reload Xiaomi Cloud Map Extractor domain (to get a fresh 2FA link)
2. Complete 2FA flow using device that has the same public IP as your HA instance
3. Reload Xiaomi Cloud Map Extractor again

[dbloom86]

@PiotrMachowski Ok I tried that. But it just keeps generating the error and not showing the map. Every time I reload the Xiaomi Cloud Map Extractor, the error shows up and I get a new 2FA link. I can complete it over and over again, but to no avail unfortunately.... Any other Ideas?

Edit: If I use the token extractor tool (Python script thingy) I get the exact same message. Idk what to do anymore :(

[PiotrMachowski]

@dbloom86 Can you try using token extractor from a different public IP (e.g. using your phone as a access point)?

[dbloom86]

@PiotrMachowski I just tried that. But it gives the same exact result. I'm starting to think, it is something in my Xiaomi Cloud account.... But Idk what...

[PiotrMachowski]

@dbloom86 do you use other integrations that connect to Xiaomi Cloud?

[dbloom86]

@PiotrMachowski nope. I do have the Xiaomi Home app on my phone, and that connects fine. But that doesn't use the same way of connecting I think. I can try another integration to test though

[dbloom86]

@PiotrMachowski ok this is weird. I installed another integration that was gonna use the Xiaomi Cloud, but I didn't set it up yet. Restarted HA after installing it, and somehow the map extractor started working again. Thanks for all the help though!

[PiotrMachowski]

@dbloom86

[adabelleleiram]

Is anyone looking at a proper fix for this? Had this issue for a while. First time, restarting did the trick. A couple of weeks later it came back and nothing seems to work. Tried all the things described here😕

[adabelleleiram]

I get the same issue btw when trying to run the python token extractor. It gives me a link saying two factor authentication required. When I go to the link, I'm able to fill in the number I get in the email but nothing happens in the script. Restarting it gives me the same error

[mkrasselt1]

I noticed this happening if my vaccum was in another subnet then my phone/homeassitant - but sharing the same public ip adress, maybee this helps some of you guys :) (And notice: I logged out of all my mobile apps during the extraction process, and logged back in later - not shure if this affected my setup)

[almostserious]

I can confirm the above.. if you open the link from the same subnet it works. However, my problem is that i simply do not receive the email...

[PiotrMachowski]

@almostserious it's possible that link has expired, try to reload Extractor domain in Server Controls and use the new link

[almostserious]

Thanks, the link is still fine. Its an issue with the Xiaomi Email.. I'm stuck in a loop now ;) Don't have a phone number connected to receive a code, and to register the phone number I first need to confirm the email which doesn't work ;) Lets see if it maybe arrives 24h later.

[kikofhm]

@PiotrMachowski I'm with the same problem. From couple days ago the map it's STOP working.

the card shows: "two factor auth required (see logs)" I restart HA and in logs Additional authentication required. Open following URL using device that has the same public IP, as your Home Assistant instance: https://account.xiaomi.com/ident... sometimes the page only shows Mi logo and Tips but nothing more, othertimes I can get the login page fill the form receive the code to my email and the page shows "ok" in left upper corner"

in my mi account in 2 step auth menu it's disable...

[gsotiriou]

You have to open provided link in your browser and follow steps described on the page. It is possible that your link has expired before you used it. You can use token extractor to generate a new one. You have to do it from a device that is in the same LAN as HA

Just came here to say that this worked for me. It must be like a "random" or "rare" check of the Xiaomi API to verify that the logins are not a hack attempt and that they originate from the true owner of the account. What I am about to say is not salt to any of the other users facing problems but make sure you have the right requirements in place people.

Firstly and I can't stress this enough, try this from the browser, on a PC that is on the same network as your HA instance. Not from your friend's PC, not from your mobile (on cellular network) phone browser, not from a incognito window, not anything fancy. Just a simple browser window on a pc on the same network as your Home Assistant.

Secondly. Xiaomi will ask for a verification (either email or phone). Don't treat your Xiaomi Accounts like garbage accounts that you created to join a giveaway. Ensure that your phone and email are in there and that you have actual access to these data.

Thirdly. Go to HA > Configuration > Server Controls and reload XIAOMI_CLOUD_MAP_EXTRACTOR after you are done. Then give it a couple of minutes.

[Fannangir]

Tried all of the above. Tried to enable/disable the request of 2fa from other devices. Tried via token link and HA link. Tried another public IP (via phone internet connection) Still, unfortunately, stuck in the same loop.

[bellini666]

You have to open provided link in your browser and follow steps described on the page. It is possible that your link has expired before you used it. You can use token extractor to generate a new one. You have to do it from a device that is in the same LAN as HA

Just came here to say that this worked for me. It must be like a "random" or "rare" check of the Xiaomi API to verify that the logins are not a hack attempt and that they originate from the true owner of the account. What I am about to say is not salt to any of the other users facing problems but make sure you have the right requirements in place people.

Firstly and I can't stress this enough, try this from the browser, on a PC that is on the same network as your HA instance. Not from your friend's PC, not from your mobile (on cellular network) phone browser, not from a incognito window, not anything fancy. Just a simple browser window on a pc on the same network as your Home Assistant.

Secondly. Xiaomi will ask for a verification (either email or phone). Don't treat your Xiaomi Accounts like garbage accounts that you created to join a giveaway. Ensure that your phone and email are in there and that you have actual access to these data.

Thirdly. Go to HA > Configuration > Server Controls and reload XIAOMI_CLOUD_MAP_EXTRACTOR after you are done. Then give it a couple of minutes.

The problem is that, even doing that exact steps (same network, no incognito mode or anything, trying using phone and/or email, getting the "ok" page after and reloading the plugin after) it still will not work.

Maybe it is something related to the mi account itself?

[dbloom86]

Same here. I tried everything mentioned here. But it keeps coming back. Stuck in a loop. Seems to have started with release 2021.11 of HA. Or maybe Xiaomi changed something?

[Fannangir]

Restarted HA today following an update to the latest version (2021.11.2). The integration started working, map has appeared. Don't know what would be the reason.

[dbloom86]

Restarted HA today following an update to the latest version (2021.11.2). The integration started working, map has appeared. Don't know what would be the reason.

For me it hasn't unfortunately. It all seems really random imho

[steuerzentrale]

Restarted HA today following an update to the latest version (2021.11.2). The integration started working, map has appeared. Don't know what would be the reason.

I experienced the same behaviour, since 2021.11.2 and a HA-restart it started working again. just let me know if I can help with data, unfortunately I have no knowledge of developing applications, but maybe delivering data can help too.

[bellini666]

For me too, just restarted HA and it started working just now. Didn't try any 2fa login since 2 days ago.

The only thing I see in the logs now is:

Logger: homeassistant.components.camera
Source: components/camera/__init__.py:488
Integration: Camera (documentation, issues)
First occurred: November 9, 2021, 23:30:51 (2 occurrences)
Last logged: 12:59:15

The camera entity camera.roborock_camera does not support requesting width and height, please open an issue with the integration author

But that is just a warning, map is working fine now

[michelotten]

Had the same issues since updating to HA 2021.11, tried all suggestions but nothing worked. This morning I update HA to 2021.11.2, and tried reapplying 2FA, but map didn't load. Now I saw above messages, I again reloaded Xiaomi_Cloud_Map_Extractor via server controls, and magically the map is working again!

[adabelleleiram]

I didn't update HA (still on 2021.9.7) but a restart of the integration solved it for me too.

[diogodias24]

Restarted HA today following an update to the latest version (2021.11.2). The integration started working, map has appeared. Don't know what would be the reason.

Same here, working with version core-2021.11.2

Glad that it's solved.

[fi-sch]

Works on my side. After loading component (HA Core restarted) I quickly copied a link and did 2FA on Xiaomi site. Probably after that I also restarted HA Core once more. Since then everything works fine.

For those still having problems: Make sure that you do 2FA ASAP after loading the component. Also AFAIR, you need to do so from the same network (IP) that HA is hosted on.

[marcioibm]

Do you need to confirm 2fa every 1 or 2 weeks? I'm facing that ...

[gogenzuller]

Hello. Since I needed 2fa, I only repeated it twice, and all because my external IP changed. Perhaps your IP is also dynamic and also changes once every one or two weeks...

[marcioibm]

Hello. Since I needed 2fa, I only repeated it twice, and all because my external IP changed. Perhaps your IP is also dynamic and also changes once every one or two weeks...

Hmmm that's probably it! Thank you!!

[bialass]

You have to open provided link in your browser and follow steps described on the page. It is possible that your link has expired before you used it. You can use token extractor to generate a new one. You have to do it from a device that is in the same LAN as HA

Just came here to say that this worked for me. It must be like a "random" or "rare" check of the Xiaomi API to verify that the logins are not a hack attempt and that they originate from the true owner of the account. What I am about to say is not salt to any of the other users facing problems but make sure you have the right requirements in place people.

Firstly and I can't stress this enough, try this from the browser, on a PC that is on the same network as your HA instance. Not from your friend's PC, not from your mobile (on cellular network) phone browser, not from a incognito window, not anything fancy. Just a simple browser window on a pc on the same network as your Home Assistant.

Secondly. Xiaomi will ask for a verification (either email or phone). Don't treat your Xiaomi Accounts like garbage accounts that you created to join a giveaway. Ensure that your phone and email are in there and that you have actual access to these data.

Thirdly. Go to HA > Configuration > Server Controls and reload XIAOMI_CLOUD_MAP_EXTRACTOR after you are done. Then give it a couple of minutes.

That worked for me as well. (1) Restart Xiaomi Map Extractor (2) Check logs and follow link (from my PC connected to the same WAN access point as vacuum cleaner) (3) Fill the authentication form (4) Got "ok" from https://sts.api.io.mi.com/sts. (5) Restart HAss as camera has some issues. NOTE the point on mobile phone IP is very good one. It does differ from router's IP.

[T81]

You have to open provided link in your browser and follow steps described on the page. It is possible that your link has expired before you used it. You can use token extractor to generate a new one. You have to do it from a device that is in the same LAN as HA

Just came here to say that this worked for me. It must be like a "random" or "rare" check of the Xiaomi API to verify that the logins are not a hack attempt and that they originate from the true owner of the account. What I am about to say is not salt to any of the other users facing problems but make sure you have the right requirements in place people.

Firstly and I can't stress this enough, try this from the browser, on a PC that is on the same network as your HA instance. Not from your friend's PC, not from your mobile (on cellular network) phone browser, not from a incognito window, not anything fancy. Just a simple browser window on a pc on the same network as your Home Assistant.

Secondly. Xiaomi will ask for a verification (either email or phone). Don't treat your Xiaomi Accounts like garbage accounts that you created to join a giveaway. Ensure that your phone and email are in there and that you have actual access to these data.

Thirdly. Go to HA > Configuration > Server Controls and reload XIAOMI_CLOUD_MAP_EXTRACTOR after you are done. Then give it a couple of minutes.

Just going to HA > Configuration > Server Controls and reloading XIAOMI_CLOUD_MAP_EXTRACTOR did the trick for me

Edit 22/04/2022: It happened again and can't solve it now. Edit 22/04/2022: All of a sudden, after a HA server restart it started working again, without having to touch anything...

[PiotrMachowski]

I have added returning 2FA URL in camera's attributes, it should be easier to get it than in logs

[MiralDesai]

I've tried all the suggestions here and had no luck. I'm running HA inside a VM on a mac mini, and tried opening the 2FA link on the mac mini, same public IP address, and it still continues to ask for additional authentication.

Anyone have any suggestions on what to try?

[yzlnew]

For anyone expericing this issue, check your router settings and bind vaccum to a static IP address, same as the IP set in camera.host.

[PiotrMachowski]

@yzlnew I'm not sure if it will help, this error is raised before even connecting to the vacuum

[thanasis00]

Greetings, I'm stuck here as well. I have a viomi se and the map is not showing and asking for 2fa. Did it 3 times and it didn't work, and now I'm rate limited from trying again... Guess I'll have to try again in 1 day... Any ideas or suggestions?

[Arie046]

Same issue here. Additional authentication required. Open following URL using device that has the same public IP, as your Home Assistant instance: "Two factor auth required "

1. Iam on the same public IP.
2. Used the token extractor and followed the step with the URL. Got an "OK"message after.
3. restarted the xiaomi_cloud_map_extractor: Reload service. nothing happens. not even after rebooting HA.

Home Assistant OS 8.2

[thanasis00]

Just an update, my integration started working on its own, without me trying to do the 2fa again. Don't know why this happened, but now I have the map working. Maybe it takes time for some reason?

[toloomierz]

i have same problem as https://github.com/PiotrMachowski/Home-Assistant-custom-components-Xiaomi-Cloud-Map-Extractor/issues/157#issuecomment-1180409114

[adocampo]

Yes, my integration asked for 2fa and map stopped working. I tried to re-authenticate on Xiaomi cloud, restarted HA several times, but no luck, and then several days after, it start working again after a restart made by another purpose not related.

[digitalit]

I've tried all the suggestions here and had no luck. I'm running HA inside a VM on a mac mini, and tried opening the 2FA link on the mac mini, same public IP address, and it still continues to ask for additional authentication.

Anyone have any suggestions on what to try?

@MiralDesai hi, any luck on this problem?

I run Hassos in a VM and my VM has not the same IP as my MacMini even thought they are on the same local network.

I have tryed to run the link in my browser but this is from my MacMinis local IP. How can i run this code from my Hassos VM to get the right auth IP?

Have a nice day :)

[eXifreXi]

I can't get the 2FA stuff to work either. All the suggestions aren't helping.

I already had to somewhat hack around the fact that the token extractor has the same issue. There I had to manually change the python file for the token extractor with some values that came back from the URL via the Network tab of my browser. The extractor then worked and I managed to get the token, which did in fact get me to link Home Assistant to my vacuum.

However, the map extractor has the same issue and here I'm not sure if that can be worked around the same way. I haven't looked into it, but it should also not be required.

To be clear, the Laptop and my PI sit on the same Network. Same Public IP (otherwise I wouldn't be able to get the Token). The settings in the configuration file are basically copy-pasted and the secrets file has the token that got extracted, as well as the xiaomi email, and password, and finally the IP of the vacuum, all of which I basically already used to add the vacuum to HA in the first place.

Would be awesome if this could get an official fix somehow. (: