Unable to authenticate since updating to B14

[johnwalk61]

`Logger: pyaarlo Source: custom_components/aarlo/pyaarlo/init.py:165 Integration: aarlo (documentation, issues) First occurred: 10:07:21 PM (20 occurrences) Last logged: 10:11:24 PM

body-error=JSONDecodeError authentication failed

and

Logger: custom_components.aarlo Source: custom_components/aarlo/init.py:495 Integration: aarlo (documentation, issues) First occurred: 10:07:24 PM (5 occurrences) Last logged: 10:11:24 PM

unable to connect to Arlo: attempt=1,sleep=15,error=authentication failed unable to connect to Arlo: attempt=2,sleep=30,error=authentication failed unable to connect to Arlo: attempt=3,sleep=60,error=authentication failed unable to connect to Arlo: attempt=4,sleep=120,error=authentication failed unable to connect to Arlo: attempt=5,sleep=240,error=authentication failed

Using backend: sse but tried without specifying backend.

[djjoakim]

Tried every version of it, dosen't work for me.. I get this in the logs I also have backend: sse

unable to connect to Arlo: attempt=1,sleep=15,error=authentication failed unable to connect to Arlo: attempt=2,sleep=30,error=authentication failed unable to connect to Arlo: attempt=3,sleep=60,error=authentication failed unable to connect to Arlo: attempt=4,sleep=120,error=authentication failed

[sological]

I possibly posted this in the wrong issue. Here it is again. This is what I get in the debug log when failing to connect to arlo

Edit: What I wanted to share is that Cloudflare asks me to enable cookies. I don't know how to do that. Is there a setting somewhere or not possible at all?

<head>
<title>Attention Required! | Cloudflare</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>

<!--[if gte IE 10]><!-->
<script>
  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }
</script>
<!--<![endif]-->

</head>
<body>
  <div id="cf-wrapper">
    <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
    <div id="cf-error-details" class="cf-error-details-wrapper">
      <div class="cf-wrapper cf-header cf-error-overview">
        <h1 data-translate="block_headline">Sorry, you have been blocked</h1>
        <h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> ocapi-app.arlo.com</h2>
      </div><!-- /.header -->

[HunterDG]

For anyone else still struggling with this issue, maybe this will help:

I think that for some reason, the 2FA prompt requested by HACS aarlo isn't delivered to the phone app if:

• the 2FA prompt hasn't recently been otherwise successfully delivered (e.g. via a login attempt from https://my.arlo.com )
• the phone app's notifications are turned off (even if I had the app open in the foreground waiting for a prompt)

Perhaps also important: I'm using a separate arlo account/email address for HACS aarlo (main account is configured to "grant access" to the secondary account) - and of course I was using this secondary account in all of the steps below.

Rationale: Despite deleting the config/.aarlo/aarlo.pickle and session.pickle files, downgrading versions, trying mqtt_hostname_check: False config entry, etc, I was still stuck with NO 2FA prompt (I'm using app PUSH). I assumed I SHOULD be receiving the prompt because of course I had successfully received it when I originally set up HACS aarlo, so why would that have changed? After poking around with verbose debug/logger settings, I decided to start over from scratch.

I finally resolved this by:

1. uninstalling aarlo from HACS completely (and commenting out all the aarlo entries in configuration.yaml)
2. deleting the config/.aarlo folder
3. restarting Home Assistant
4. changing my 2FA method (via the arlo app) to an alternative, then back to PUSH
5. ENSURING I had arlo app notifications enabled in my PHONE'S settings (I had previously disabled them at the OS level)
6. logging in to https://my.arlo.com (via web browser using the same internet connection as Home Assistant) and accepting the PUSH 2FA prompt on my phone (which kicked me out of the phone app)
7. re-logging in to my phone's arlo app
8. re-installing latest version of aarlo from HACS (and un-commenting all the aarlo entries in configuration.yaml)
9. restarting Home Assistant again

I then finally received the 2FA PUSH prompt from aarlo's login attempt, accepted it, and all was good!

just for reference, here is all of my (working) aarlo config:

aarlo:
  username: !secret arlo_username
  password: !secret arlo_password
  tfa_source: push
  tfa_type: PUSH
  backend: sse
media_player:
  - platform: aarlo
camera:
  - platform: aarlo

[neilsleightholm-paxton]

I am not using push but seeing the same, in fact it was working fine and then I restarted without any upgrade and authentication failed. I then upgraded HA to 2023.7 and the auth still failed. Upgrading to B18 and still not working.

I tend to have this when a new release comes out then a few days later it is ok.

Does anyone know if you can retry aarlo auth without restarting all of HA?

[terententen]

I essentially gave up for the last 6 weeks. Saw some recent activity on here so figured I'd try HunterDG's stuff from above however that didn't work for me. This still has everything to do with Cloudflare blocking.

...
<h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> ocapi-
app.arlo.com</h2>
...

I can access from my phone and from my web browser but just cannot through HA.

[riro-at]

it doesn't work again 😱 v0.7.4b18 /config/.aarlo/aarlo.pickle: 'utf-8' codec can't decode byte 0x80 in position 0: invalid start byte please help

[HunterDG]

I essentially gave up for the last 6 weeks. Saw some recent activity on here so figured I'd try HunterDG's stuff from above however that didn't work for me. This still has everything to do with Cloudflare blocking.

...

<h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> ocapi-

app.arlo.com</h2>

...

I can access from my phone and from my web browser but just cannot through HA.

I was also seeing the same thing, but couldn't rationalize how arlo/cloudflare was blocking only HA, but not my phone/laptop, while all 3 devices are using the same internet provider/IP address. I was also seeing 2FA failures in the HA logs, thus my decision to start over from scratch.

Wish I could help more though.

[koira]

using HA with aarlo from southern Thailand I can confirm same findings: downgrading to b12 made it all work again.

[rhino53150]

Commenting so I can get an update about the same issue.