Can't login

[Prog72]

I've just restarted Node-RED and am getting the following error repeatedly.

Life360 server error logging in: 403 Error: Request failed with status code 403 undefined

Is anyone else experiencing this?

[hepcat72]

Well, I'm traveling and my home VPN doesn't seem to be working correctly (I can "connect" to my VPN, but cannot ssh or VNC in), so I can't get into my pi to look at my logs. I can't even load node red's web interface... I can say that as of about noon yesterday, it was still working, because my geofence automations were triggered, though I haven't disconnected from the Life360 server to try reconnecting... and I wouldn't want to try that when I'm not home.

I'll check after the holiday.

[Prog72]

Thanks for your reply.

Mine was working fine until I restarted Node-RED earlier today and that's when the problem started. Hopefully it's something I've done rather than a global issue but I would definintely not disconnect for now!

Happy travels.

[hepcat72]

I would google the error. If there's a global issue, the home assistant folks probably would have reported and solved it by now.

[aots74]

Having the same problem. Figured it might just be a url change like last time. Anyone figured it out yet?

[ljgonzalez1]

+1

[hepcat72]

If anyone wants to fix it, go ahead and submit a PR. I won't be able to get to it until next weekend.

[redpages]

Same here

[Prog72]

I did some digging and it appears the good people at Life360 are doing all they can to stop their service working with home automation. They've never officially supported it so I guess that's fair enough.

I now have a new geofencing solution using PhoneTrack for Android, Nextcloud running on a Raspberry Pi, and HTTP requests in Node-RED. It's not as elegant but it doesn't rely on a third party, so that's a positive.

@hepcat72 I'd like to take this opportunity to thank for your work on the Life360 node over the past few years. It's been very much appreciated.

[hepcat72]

Thanks. Looks like the Life360 folks may have implemented a major refactor. I don't necessarily think it was necessarily targeted the home automation community, but I only marched through the HA issues page on it. They rewrote their interface.

Life360 sounds like they may just be upping their auth game?

I'll get home mid-week this week and look into it in more detail.

I myself have a separate geofence solution I use (the old Geofency app for iOS) that uses webhooks. It's not as reliable as Life360. Sometimes the webhooks fail. Life360 is more reliable than Geofency because it's not a single webhook call upon crossing a geofence boundary.

[nlanfran]

Same problem here since a couple of days, see below:

[ljgonzalez1]

From Life360 support

Thank you for reaching out to Life360 about using the cURL API. I'll be providing you an information to this.

We understand the importance of using the Home Assistant program with Life360. However, we want to inform you that we no longer support home automation programs such as Home Assistant, Google Home, Alexa, IFTTT, and others, and these programs are no longer compatible with Life360.

Currently, we have no plans to reintroduce compatibility with these programs. Nonetheless, we appreciate your feedback on this matter, and I will share it with the appropriate team.

Have a safe day,

Sarah Life360 Customer Care

I'm cancelling my subscription and changing to owntracks

[hepcat72]

So I spent a good part of today (and a bit yesterday) futzing with the code, and the conclusion I'm coming to (that you guys may have already arrived at) is that Life360 is using cloudflare to ostensibly prevent "attacks/hackers". Whether they think the home automation community falls into this category or not, we're running afoul of their new security measures. In fact, it seems they've even buried the fact that there exists a free version/tier of their service.

I discovered a few different layers of what is happening.

First, they have tweaked their authentication interface. There is now a mix of "v3" and "v4" URLs in their API, and even if you fix that, the fact that your installs have been querying the API with the old (invalid) URLs has gotten your accounts blocked by cloudflare (more on them below). Changing your account password may or may not work around the block, that is, assuming the API has been updated - and I implemented (though I have not yet pushed) the same changes that the HA community claim fixes the issue).

Second, anyone who has enabled their 2FA feature appear to be more likely to not be able to work out the block. There appears to be no way to disable 2FA once enabled either. Some users have resorted to creating new accounts.

Third (and I haven't seen this mentioned anywhere else - I just encountered it on my own), their password requirements are now more stringent (and my old password did not meet the new requirements).

Fourth, there may (or may not) be a new limitation on number of devices logged into the same account. Reports on this are mixed. Some users have gotten around this by creating a new account using a google voice phone number and adding that duplicate account to circles.

This is not the first code issue I have run into with cloudflare. All of the cell phone providers started using cloudflare (or cloud-whatever - I discovered there are multiple names referring to the same company) to start "spam filtering email-to-text features about a year or so ago. I had been reliant on that feature to have my home automations message me, and clouflare, once I'd worked out they had blocked my email, claimed that a "another user" had reported my single-purpose-custom-email (that only ever emails my own (other) account) as "spam", which of course was bullshit. They unblocked me, but it happened again - and the process for getting unblocked is time consuming and annoying.

I will revisit this node's code again to see what more I can do over the next week or 2, but I just started looking into owntracks (thanks @ljgonzalez1). It looks quite interesting, particularly WRT privacy and control, (though not as easy to add friends to). I was particularly impressed that they support ibeacons, which I also use. I started reading the "booklet" to see about setting up a server, though it might take some time to get going.

[StoricU]

Have used Life360 for many years and the regularly change something so that it don't work.. Have also been looking for an alternative to Life360, but I just have not found any solution that has been as reliable (ironically enough) as Life360 when it comes to reporting correct.

[hepcat72]

Have used Life360 for many years and the regularly change something so that it don't work.. Have also been looking for an alternative to Life360, but I just have not found any solution that has been as reliable (ironically enough) as Life360 when it comes to reporting correct.

I agree. I've had a similar experience. But I've also dealt with cloud flare blocking before and it's rather difficult to deal with. I'm just not sure there is going to be a reliable solution moving forward. I will continue to try and figure this out, but I think I have the correct code right now in a branch and it's not working and I think it's because cloudflare has blocked me.

[hepcat72]

Perhaps later today, I'll push my branch and a volunteer can try installing it to see if they can get their install to work. I tried for most of the day yesterday and I cannot get around the 403 (with the message saying I'm blocked). I tried changing my password, which has worked for some others (using the HA L360 integration) though there are still others (like me) that can't seem to get around it. I think unless I reach out to Life360 and have them create a ticket with cloud flare to unblock me (like I did a couple times with T-Mobile regarding email-to-text about a year ago), I'm not going to be able to get past it.

[hepcat72]

I still have some reading to do on owntracks, but my first impression is that it has the potential to not be as reliable based on the following detail from their docs: They only ever communicate location changes to the server when the phone's OS tells owntracks that the phone has moved significantly. Dependability will thus hinge on how they handle faults (i.e. what happens if there's no signal when it tries to communicate with the server). If it keeps trying (say, once a minute) until it succeeds, then I would say that that would be better than Life360 which uses polling. On the server side, it supports MQTT, which is reliable in that fashion, but I'll have to keep reading to see if it's well implemented for robustness.

I just pushed a branch with changes that may or may not work for people. The branch is auth2024. Would anyone be willing to try it out? It hasn't worked for me, but some users have had success (and some haven't) with these same changes that were implemented in homeassistant. You may need to change your Life360 password to get it to work. And as I understand it, if you have enabled Life360's 2FA, you may run into a limitation where Life360 only allows 1 device to query their server, so it may work briefly (until you open the Life360 app on your phone). Users who have not enabled 2FA shouldn't encounter that issue, though in either case, YMMV. Please report back what happens when you try out that branch. Follow this general process:

1. Disable the Life360 server node
2. Stop node-red
3. git clone git@github.com:hepcat72/node-red-contrib-life360.git
4. git fetch
5. git checkout auth2024
6. Replace node-red-contrib-life360 somewhere under node_modules with the node-red-contrib-life360 directory you cloned/checked-out
7. Change your Life360 password
8. Start node-red back up
9. Update the password in the Life360 server node and re-enable
10. Deploy and see what happens
11. If you still see a 403, take a look in the node-red error log and paste the error you get here in this thread.

The branch only changes the index.js file. You could take a look and just copy the changes to the corresponding file under node_modules. Let me know if you want to try it, but need further instructions.

Rob

[StoricU]

Have briefly testet owntracks today, but it did not report me entering my home zone before I had been home for a while. This was with using the significant changes monitoring mode. I'm going to try the "Move" mode later.

However, I tested the auth2024 branch. I'm getting this error in the debug list: "Life360 server error logging in: 500 Error: Request failed with status code 500 undefined" Is there any other log with more information?

I have not enabled 2FA and I changed the password before testing.

[StoricU]

Don't know if this has anything to do with the error:

FYI, I had this error before doing the branch update.

[hepcat72]

Huh. I ran into the 500 error, but I thought I'd fixed that... Let me see if I can fix it.

[hepcat72]

OK. Reproduced and addressed the 500 error. Try pulling and try again.

The 500 error doesn't show up in the log, but my error (403) after this change does come out in the console's error log. It prints the entire error object, including the server response. I wouldn't leave it running that way forever. It's a lot of text (if you get the error).

[StoricU]

Followed the same procedure (https://github.com/hepcat72/node-red-contrib-life360/issues/20#issuecomment-1874346985) to update, and now I get a 403 error.

[hepcat72]

OK. Thanks for testing. I've been corresponding more with the guy who helps maintain the Life360 integration in HA. I had pointed out that I had never enabled 2FA (and assumed my app was older since I don't have the option to enable it) and he said that the enabling of 2FA is automatic if you have a phone number on your account (which I do). He said that there's a separate branch for Life360 in HA where someone implemented a way to add your phone number to the initial authentication and added a way to include a 2FA code in a subsequent auth call. ATM, that's my best bet as to what's happening - why we're still getting a 403.

Can you confirm @StoricU, if you have a phone number in your Life360 account? That would corroborate this theory. If so, I will see about adding some code for this work-around, as unsustainable as that may be...

[StoricU]

I see, I can confirm that I have registered my phone number.

I have just configured owntracks with Tasker to switch between different update principles based on if the phone is connected to any WiFi, but I fear that this will drain the battery pretty quickly when out and about.

[hepcat72]

That's disappointing to hear. Based on my initial reading of owntrack's booklet, I was optimistic that it would not be a battery drain, since it only communicates location when the OS tells owntracks that the phone has moved. I.e., it's not a polling strategy. Did you set up your own polling? I haven't gotten very far yet with reading about owntracks, so I'll be looking forward to your assessment of how well it works.

[StoricU]

Of course it depends on what you need. I primarily need it to detect when I'm arriving home to open the garage door. Using the "Significant Changes" strategy it does not report entering the Home zone until I have parked. So it is fairly quick.. Just not quick enough. That's why I have now set up the tasker to change the strategy to "Move" when not connected to wifi. So I will check tomorrow if that strategy is quick enough. And see how the battery holds up..

[hepcat72]

Can you increase the size of your geofence around your house? That's what I did with Life360 (so that the AC would run for a bit before I arrive in the summer).

[StoricU]

The zone can't be to big, then it will interfere with my traveling routes during the day 🙈 But that is something I also did with Life360. The zones on HA and owntracks is the same size as in Life360 now. Have to do some field studies =)

[hepcat72]

OK. I was studying the code changes for the OTP branch in the HA repo and I got a basic bash function to work to determine the login method for your account. Mine is "phone" (i.e. I need to use the OTP method). Here's the (ugly) code if you want to try it yourself to confirm your account requires the OTP method:

#!/bin/bash

#Set variables
username360="your@email.here"
password360="yourlife360password"
phone360="yourphonenumber"
phonecountrycode360="1"  # USA
secret360="Y2F0aGFwYWNyQVBoZUtVc3RlOGV2ZXZldnVjSGFmZVRydVl1ZnJhYzpkOEM5ZVlVdkE2dUZ1YnJ1SmVnZXRyZVZ1dFJlQ1JVWQ=="
agent360="com.life360.android.safetymapd/KOKO/23.50.0 android/13"  # necessary
apiurl3="https://api-cloudfront.life360.com/v3"
apiurl4="https://api-cloudfront.life360.com/v4"
timeout=300

function loginMethod {
  echo "$(date +%s) INFO: requesting user login method"
  isemail=$(curl -s -X GET -H "Accept: application/json" -H "cache-control: no-cache" -H "user-agent: $agent360" -H "Authorization: Basic $secret360" "$apiurl3/users/lookup?email=$username360" | grep -c loginMethod)
  if [ $isemail -eq 0 ]; then
    isphone=$(curl -s -X GET -H "Accept: application/json" -H "cache-control: no-cache" -H "user-agent: $agent360" -H "Authorization: Basic $secret360" "$apiurl3/users/lookup?countryCode=$phonecountrycode360&phone=$phone360" | grep -c loginMethod)

    if [ $isphone -eq 0 ]; then
      echo "ERROR: No login method found"
      loginMethod=error
    else
      loginMethod=phone
    fi
  else
    loginMethod=email
  fi
  echo $loginMethod
}

loginMethod

The above is a bit verbose. If your login method is phone(/OTP), then if you issue this curl command (after setting the variables):

curl -s -X GET -H "Accept: application/json" -H "cache-control: no-cache" -H "user-agent: $agent360" -H "Authorization: Basic $secret360" "$apiurl3/users/lookup?countryCode=$phonecountrycode360&phone=$phone360"

You will see something like this (note how devoid of info mine is, despite having an email and last name in my account):

{"user":{"firstName":"Rob","avatar":null,"email":null,"loginEmail":null,"id":null,"lastName":null},"loginMethod":"phone"}

If you use the email command (and your method is phone/OTP), you'll see something like this:

{"user":{"firstName":""}}

If you have something wrong in your get request, you'll get something like this:

{"errorMessage":"This login was not found","url":"\/v3\/users\/lookup.json?username=hepcat72@gmail.com","status":404}

It took me awhile to get this to work, so that's enough for today. Next time I sit down with this, I'll see if I can send the request to get an OTP.

[StoricU]

Just ran your code and can confirm I require OTP.. Got the same result as you.

[hepcat72]

I was thinking about the 1-device limitation thing once you've used the OTP login method... A user in the HA thread said that they don't run into a limitation when they access the Life360 app on their iPad. There must be another way to access the location data: one way for the device being tracked and one way for devices on the same account that are not being tracked. Maybe it's just another user agent. Maybe it's another url. Don't know. But I had ready that the way the OTP interface was discerned was using some sort of software to watch the traffic while an android phone logged into Life360. Probably the same could be done for a device that's not one being tracked.

Just wanted to document that thought. I still plan to flesh out the process for the OTP login from HA.

[pantherale0]

@hepcat72 hello, the multiple device limitation is purely a software limitation. When you click the button to sign out it sends a delete request to a certain endpoint to end all existing user sessions. The access token itself used doesn't change between that and future requests and the API can support multiple devices.

[hepcat72]

Oh I know that it's a software limitation and that there must exist a way to interact with the API to do it. The question is, how to do it. Do you know?

I have a separate convo going with one of the HA devs who has worked on this. They developed an OTA auth interface to get logged in, but other users say that as soon as they open the app on their phone, they start getting 403s in the Life360 HA integration. What I'm thinking is, there must be a different query, different parameter, or different auth for connecting to only receive location data (not connect to send (and receive), which is what I infer the OTA login is doing (even if we're not sending location data).

[pantherale0]

See here: https://github.com/home-assistant/core/issues/106967#issuecomment-1876123190

I uploaded a text file with a list of all the API endpoints defined in the mobile app. There's no refresh endpoint that I can see.

Ideally you'll need to figure out where the 403 actually comes from by checking the content of the response, both the API itself and cloudflare use the 403 status code, but they can both mean entirely different things.

If it's from Life360 you'll generally have a JSON response that contains an error stating the Auth token is invalid.

If it's cloudflare you'll get the "this page is blocked", which is entirely different and means the request never reached life360s servers in the first place (could be page rules, WAF, custom rules or who knows what else life360 have configured in cloudflare).

[pantherale0]

There's also this spreadsheet doc that contains a whole bunch of random API endpoints from traffic sniffing:

https://cloud.hrvy.uk/s/McSWExgiJ9YxGMT

This is what you are looking for to end other sessions (DELETE request, no body):

[hepcat72]

I had read your efforts in the HA issue thread and I was thinking about the traffic sniffing. This is all kind of over my head, so maybe this is a pointless question, but when the traffic is being sniffed, would it make sense to use a device that is not one that is being tracked, e.g. an iPad? Maybe there would be some alternate endpoints discovered?

[pantherale0]

I had read your efforts in the HA issue thread and I was thinking about the traffic sniffing. This is all kind of over my head, so maybe this is a pointless question, but when the traffic is being sniffed, would it make sense to use a device that is not one that is being tracked, e.g. an iPad? Maybe there would be some alternate endpoints discovered?

You could try, although I'm an android only household and with android you need a rooted device to run frida-server to disable SSL pinning otherwise you won't be able to see any of the traffic. I've reset the device multiple times and there's no difference in any of the web requests sent.

[StoricU]

Have now been testing out OwnTracks for a while. Sadly it's a battery killer. I'm using Android, and for android the "Significant location change mode" the documentation states: " It uses a balanced power location request that gathers a new location fix every 15 minutes" So it's no good for automation using zone entering/leaving. Using "Move" is a serious battery killer, since it requests a location fix every 10s. Really wonder how Life360 works, since it has been flawless for so long a time without draining the battery

[ctreischman]

I believe Significant location change is every 15 minutes or if you stop traveling. One nice thing with OwnTracks is that a region radius seems to be unlimited. So far with my testing I made 3 regions at my house (Home=200m, Home Near=1000m, and Home Far=40,000m). When i enter Home Far after a longer trip it sets my AC back earlier. When i enter Home Near it sets OwnTracks to Move mode until i finally get to Home. Then Home adjusts garage door, security, and some lights.

Life360 radii seemed to be limited and I couldn't create the largest circle. So I created separate circles N, S, E, and W of my house and had to get creative with some logic on entering/exiting those circles to control the AC.

[StoricU]

Interesting @ctreischman ! And that works? How do you set the updating rate based on regions? Is that a OwnTracks feature? Up to now I have been using Tasker to control location updates, based on wifi connected and wifi near, but it has not been as reliable as hoped. Some times tasker don't turn it back to significant location when connecting to a wifi, so then the battery drains. And I live so close to the city and my "during the day" travelroute, that the home zone can be max 300. And a Home Near would not work, since it would trigger almost all the day.

[ctreischman]

Do you use Join with Tasker? It will allow you to send messages between all your devices.

For instance, when my phone enters the "Home Near" region, NodeRed on my computer sends a message to Tasker on my phone with Join. My message is similar to "ctreischmanlocation=:=home near". My phone is looking for keyword "ctreischmanlocation" as a location update and "home near" is what it should respond to. This is similar for everyone in my house with a phone. I send lots of messages this way. Once Tasker knows to do something, it performs action "Send Intent" to OwnTracks. The intent "Action" is "org.owntracks.android.CHANGE_MONITORING" and the "Extra" field will contain "monitoring:2". "monitoring:2" is the "Move" setting and "monitoring:1" is the "Significant Changes" setting. When I finally enter the "Home" region, NodeRed sends "ctreischmanlocation=:=home" which sets everything back to normal.

This may have given you more questions than answers.

By having everyone's location on my phone I was able to make the location clock below, similar to Harry Potter.

I cannot tell if these attachments are working.

[ctreischman]

Wow! They're huge. Sorry.

[hepcat72]

This is great stuff. I'm curious about about reliability. If any of these actions ever fail, what happens?

[ctreischman]

Join is great about backlogging the messages in case I don't have phone/internet connection at the time. Everything seemed reliable except for the Life360, even it was for a while. To begin with I just left a phone at home with life360 giving notifications and Tasker taking action on the notifications, but the phone batteries would swell an break the phones. The beauty of the nodered server was that it was always on and didn't have batteries.

If nodered seems to freeze while I'm on vacation, I have power cycled it with a wifi switch. All my other home switches are zwave controlled by Vera.

Join on the Ubuntu Desktop passes through a Chrome browser extension. Things get frozen occasionally when there is a chrome update available. But, I am in no way an IT specialist so there could be a better way of handling that rather than just waiting on it to freeze like me.

[hepcat72]

I'm coming from an iOS perspective. I assume Join is an Android thing? I'll have to think about a way to automate settings changes... I wonder if the iOS owntracks app has a shortcuts dictionary... Then all I would have to do is figure out how to capture the message from my node red to act on... But still, assuming I can do that, it seems fragile. Does your phone confirm receipt of the message, and if not confirmed, do you have node-red retry?

BTW, I've never encountered a node-red freeze before. What's going on there? If I ever need to reboot my pi, I issue a sudo shutdown -r command. A power cycle is a little risky.

[hepcat72]

Yes! OwnTracks has a shortcuts dictionary with a method to "Change Monitoring". Excellent.

[ctreischman]

My main freeze, that I think I have solved ended up being with memory or the memory sockets. Now, Join could stop sending/receiving messages just because of a chrome browser update. I don't really check on that computer unless I notice a new issue.

I cannot speak to receipts because I am not smart enough. Any missed messages would seem to be either all or none.

Here is the Join site. https://joaoapps.com/join/ This guy is super responsive and helpful. There does appear to be a desktop app for Mac, not sure about phones. There could be an apple way to pass info between devices after it is sent to a "hub" Mac.

[hepcat72]

I think apple has automations pretty locked down in terms of what can be triggered to run without manual confirmation. I've run into that issue numerous times. I'll hammer on it when I have time to sit down to it.

[hepcat72]

I set out to get OwnTracks working. Found a very easy to follow tutorial. Now I am receiving location updates on my node-red instance from my iPhone.

Initially, I was reading the OwnTracks booklet, and it is highly technical. Eventually, I decied that reading the booklet was overkill, so I googled and found that tutorial. But one thing I learned while reading the booklet is that OwnTracks on iOS runs differently compared to Android. On Android, it's always running in the background, but on iOS, the process is "killed off". From the booklet:

OwnTracks on Android runs in the background, all the time, whereas on iOS it is "killed off" by the operating system and woken up every several hundred seconds, in which it gets a teeny tiny time slot to do its thing.

I have not yet set up any functionality for triggering departure/arrival events. All I've got connected is a debug node that prints my location and it seems to be working.

For anyone else interested in walking through this with me, I took notes. I skipped the bits about the worldmap node. (I initially tried it, but my Node version is too outdated ATM.) Here are my notes. Sorry, I also skipped the webhookrelay setup (because I've already got that going - you can consult the original article above if you need help with that part.)

Owntracks notes
Based on: https://dev.to/webhookrelay/fast--simple-location-tracking-with-node-red-and-owntracks-195o

On webhookrelay.com (in browser on computer):
    Clicked Buckets
    Clicked New Empty Bucket
    Entered name "owntracks"
    Clicked Create
    Copied default public endpoint

On iPhone OwnTracks App
    Tap "i" at top left
    Tap "Settings" under "CONNECTION"
    Tap HTTP
    Paste default public endpoint from above in URL field (just above "EXPERT MODE")
    Disable Authentication
    Disable Password
    Enter a UserID (basically, your username - I entered "Rob")
    Enter a DeviceID (basically, the name of your iPhone)
    Back out of Status Info
    Force app to quit (because publish settings wasn't working)
    Restarte app
    Tap "i" at top left
    Tap "Settings" under "CONNECTION"
    Tap "Publish Settings"

On webhookrelay.com:
    Assuming still viewing the "owntracks" bucket page from above
    In the "Requests" area/card, click "REFRESH"
    Confirm that entries have populated with the settings you published from your iPhone
    Click the ellipsis
    Click details
        You should see something like:

{"_type":"dump","configuration":{"username":"user","maxHistory":0,"locked":false,"_type":"configuration","monitoring":-1,"deviceId":"","positions":50,"ranging":false,"cmd":false,"sub":true,"allowRemoteLocation":true,"tid":"","url":"https:\/\/9ur26g3i18vuds1g3pprvt.hooks.webhookrelay.com","ignoreStaleLocations":0,"allowinvalidcerts":false,"usePassword":false,"waypoints":[],"auth":false,"locatorInterval":180,"extendedData":true,"ignoreInaccurateLocations":0,"locatorDisplacement":200,"mode":3,"password":"pass","downgrade":0},"topic":"owntracks\/user\/024EA618-EF19-49D4-85E6-537D7C7550E4\/dump"}

    Click your browser's back button to get back to the bucket page

On iPhone OwnTracks App
    Assuming still viewing the settings page from above
    Enter an arbitrary secret encryption key (i.e. "a password") to encrypt the data that will be sent to webhook relay
    Back out of Status info and go back again to the settings page (not sure if necessary - to "save")
    Tap Publish Settings

On webhookrelay.com:
    Assuming still viewing the "owntracks" bucket page from above
    Click "REFRESH"
    Click the ellipsis on the newest entry (top one)
    Click details
        You should see something like (note the data is now encrypted):

{"_type":"encrypted","data":"xvphPubHelZc39KQ0QdRLXJpAIjJ53pEM55cRf81wv0U\/JQrA9RXndoHbKbyoGZT0F86fTu2kDv+IILDUBxLjWe8RN0YgpGHphbhdth5yHtPJ1kFzqhOaQKvcJJxH5sZG8PwOFSv69JNjtDdGfufIxze4YXIw\/vMX3Bcz9YyWlZMj+Zj1iGcKU7xLEBZfKnSEImqGy5qPlgMKLInJgD2Ozsq52OWe0BliIcjuVQ4aqhC4b0RPMBABCtmUaU7qP6VjIpnYSmMdnVSyCG5i+saMDsiR9iYppSZvSi9NWRPvYUPE7Vn66QXNJ9azfNkceKwnbt0xl5Ix5iHlGNrux6EavRcyPu4O4spON6w8CFP2w0APJgNBnO1N4vmXeRGKY95kgeuf21RF50nel2g1zxhZIePsZyhqlXSq5Uo9Im2ttDORmSjapXI2cLI\/3D7C+wS3qoXqVhkyDMHYEE75TKg6B8SYhu0LXKSp\/7gqMlGaGqXkMjFtwpyJywomASXwRZxS08NTbiMVmCm4EFwsCLd6MsdqEIEjCnjeQ\/5FPXvnqffTpJYdbWot0\/sALjqEeGAE5C4AmHaLhTxj7vpf4+w\/IXO0\/RbgVpnJ3uv2lDuZom3uItP7ZXz+JPKxC5ILVKQBjGyinC0W5ptvs6ZM0gHC7kcfxH39bufrNRj1gzEOtM4tJgnkiu9AiC6IN1MdzmBlX2dG0stA+HRtE9lMtKWqLtfmpj4YZg3zTWCbCwarKPp\/w7K16xIi+36NpgX1NxkUeRgZ07cjiGJn2oaWoJio6tHuHQpOTJFmXBfmCs1UtmC5\/UHQCH8BU7hfSaSRBgku847hYkEYY31EvXxuMk="}

    Click your browser's back button to get back to the bucket page

On your node-red instance:
    I've already set up a webhook relay node, so I'm not going to cover creating a webhookrelay token/secret, but you can go here to create a token: https://my.webhookrelay.com/tokens

    Add the "owntracks" bucket to the bucket list (comma-delimited) in the webhookrelay node's settings
    Click Done
    Add a switch node that takes msg.payload.meta.bucket_name and a has an output for `== "owntracks"`
    Add an node-red-contrib-owntracks node, set its secret to the secret you entered into the OwnTracks iPhone app, and connect it to the switch node's owntracks output
    Connect a debug node to the node-red-contrib-owntracks output
    Click Deploy
    Click the debug tab in the right pane

On iPhone OwnTracks App
    Assuming still viewing the settings page from above
    Tap Publish Settings

On your node-red instance:
    Confirm you get the decrypted owntracks data sent from your phone

[ctreischman]

I have been using MQTT versus HTTP.
From the app, it seems like the "locations" may be more reliable than the "transitions". When I look at the map the blue dot will be exactly on my location, but the device marker could be anywhere along my route from the last couple hours. And, it doesn't seem to create a leave/enter transition unless the device marker is in the region, so there is much lag even if the app is set to "Move" mode.. I don't know how to force a "transition" update. Maybe my phone is placing the blue dot; I'm not sure. Utilizing the "locations", I can essentially force the phones to provide an update by changing the mode. Maybe the next time my wife leaves I can verify that the "location" shows her correct regions even if the "transition" hasn't occurred yet.
Another slight complication, as I spoke of earlier about my nested regions, the "location" data lists the regions as an array and requires some additional logic to sort through that instead of the much simpler leaves/enters. I hope you can understand what I've said.

[hepcat72]

Yes, I understand. I've been playing around with it myself, though I'm not as far along as you are. I'm still just doing some basic testing. And yes, I made a similar conclusion as you: the transition events are essentially (or sound like they should be) geofence border crossing events. That's essentially how my Geofency app works and that's why it's unreliable. If that event doesn't happen for whatever reason, it doesn't happen. And I'm not sure that using MQTT would cause that event to buffer and wait for a connection to send because if I understand MQTT correctly (I think I do, but I could be wrong) buffering messages happens at the broker (not on the device). And that transition is attacheded to the location at the time it happened. Does your transition marker appear at or near your geofence border?

BTW, I'm pretty sure your phone is not adding the blue dot. That's owntrack's location data. I think the transition marker is just an event, not a device.

Also, if you create a "card", the yellow and blue map marker will change to whatever image you set. I don't know why they called it a "card".

I also tried changing the "monitoring" setting from significant to move (and every other available value), but in the app, the value never changed from -1, so I don't know if changing the setting is actually working for me. On iOS, changing that setting is controlled via a shortcut action. Another shortcut action I have for OwnTracks is "Send Now", which forces the app to send your location to the server. And I was actually thinking that I may be able to use significant more 100% of the time and simply use a personal automation geofence trigger to force a location update. The only annoying thing is that I found (and reported) a bug. The shortcut actions don't work unless you open the app first. They won't work if the app is in the background.

And after realizing all this and after realizing that my phone dying for the first time ever on Friday, I had an annoying thought... I could use personal automation geofence triggers to roll my own bare bones version of Life360 myself. I already know how to extract my phone's GPS coordinates. I've written a shortcut for that before. The only problem is Apple makes it really laborious to set up a repeating automation, so it's effectively impossible to set up a polling mechanism. I can use geofence triggers, but using 1 time events isn't reliable.

The other thought I had was I could use plugging and unplugging the charging wire triggers to switch between move and significant modes, but I'm pretty sure I was in significant mode when my phone died last week.

I spent an hour or 2 yesterday trying to mitigate the necessity to open the app to make the automations work by implementing a way to switch back to the previous app automatically after automations finish (I.e. the app has been opened). I actually got that to work yesterday. Thus ended play time, lol.

I just wish Life360 still worked. I'm really ticked at them for shutting the home automation community down. It's so annoying to not have a polished and reliable solution anymore.