Closed BigThunderSR closed 1 month ago
Did you have to sign-in again in the official app or did it just work right away?
Did you have to sign-in again in the official app or did it just work right away?
The official app had logged me out and made me sign-in very early in the week a couple of times, but this issue happened several days later.
We may need to request an API interface from GM.
I'm receiving this same error, logged into onstar online and problem persists
@nilathedragon, do you have any thoughts on a solution to this issue? Thanks.
@samrum is this project still active? Looks like OnStar changed something on their end.
I've been merging fixes from the community as they come up but I'm not really involved in maintaining API access anymore.
My app logged me out too. New prompt in app about “new account security” and I noticed the sign in process to be different.
My WIP Swift client is also facing this issue. I noticed the new sign in flow in myBrand a few weeks ago, they have switched to signing in via OAuth2 on the respective brand's website instead of directly in app. I had a feeling they would kill the method unofficial libraries are using because that flow has some glaring security issues (2fa afaict was done entirely client side, so using API directly bypassed it 😬). This is good for security but OnStarJS's authentication will need to be rewritten for this flow (make sure you store the refresh token or whatever they call it in the new flow, the old flow had a idToken
that OnStarJS didn't use when it should've)
Do we think they will be able to update the auth method, or does this mark the end of us being able to access the API?
I would be surprised if this means the end of API access. Someone just needs to write the code to handle the new authentication
The fix from https://github.com/samrum/OnStarJS/pull/256 works. Thanks much @nilathedragon!!!
I pulled a new image, and even tried making a new UUID, but I am getting "Request Failed with status 403 - Forbidden" when trying to send a command. Any ideas?
I pulled a new image, and even tried making a new UUID, but I am getting "Request Failed with status 403 - Forbidden" when trying to send a command. Any ideas?
The fix hasn't been pushed out yet
BigThunderSR rolled it in to his onstar2mqtt, I meant to post this on that thread. My bad.
Thanks again @nilathedragon!
Thank you!!!! Works great!!!
As of yesterday, all requests are failing with "401 - Unauthorized" for everyone. The official apps are still working, so does not seem like the API is down.