HTTP "Forbidden" on /api/v1/new

Started by phoddie
4df5b94890b31565f17234378f1cb7ed?s=128&d=mm

phoddie

Hello –

I have been using the Open API successfully for several months. Recently, authorization attempts are failing. Please see the curl trace below for a typical example. When this request is executed, the Nanoleaf panel controller is in authorization mode (press & hold power button until light starts to flash). This occurs with 3.0.5 and 3.06 firmware, even after reseting the controller.

Any suggestions?

Thank you.

– Peter

curl http://10.0.1.6:6517/api/v1/new -X POST -v

  • Trying 10.0.1.6…
  • TCP_NODELAY set
  • Connected to 10.0.1.6 (10.0.1.6) port 6517 (#0)
    POST /api/v1/new HTTP/1.1
    Host: 10.0.1.6:6517
    User-Agent: curl/7.54.0
    Accept: /

< HTTP/1.1 470 Connection Authorization Required

  • no chunk, no close, no size. Assume close to signal end
    <
  • Closing connection 0
D82f51c8f6028e0c3681d1e83dc4c3d4?s=128&d=mm

Rowak

I seemed to get this error only when using port 6517. Using the default port 16021 works just fine.

Side note: what is port 6517? It seems to be able to actually connect to the device while other ports can't, such as 6516.

4df5b94890b31565f17234378f1cb7ed?s=128&d=mm

phoddie

@Rowak - Thanks pointing that out. I should have been using 16021. I tried 6517 when 16021 failed. Here's the trace on port 16021:

curl http://10.0.1.2:16021/api/v1/new -X POST -v
Trying 10.0.1.2…
Connected to 10.0.1.2 (10.0.1.2) port 16021 (#0)
POST /api/v1/new HTTP/1.1
Host: 10.0.1.2:16021
User-Agent: curl/7.54.0
Accept: /

HTTP/1.1 403 Forbidden
Content-Length: 0

  • Connection #0 to host 10.0.1.2 left intact
D82f51c8f6028e0c3681d1e83dc4c3d4?s=128&d=mm

Rowak

Yup that's the error you should be getting without the aurora being in authentication mode. Once you hold down the power button for 7 seconds and run the command again you should get a code 200.

C39416f4bdabbd5010f596095fb24348?s=128&d=mm

Aliakbar Eski

port 6517 is for homekit. This is listed in bonjour as well under the _hap._tcp folder.
Unless you are a HK Client, you will not be able to connect to it easily.

Regards.