New Single-Key Authentification

[jk-andersen]

Bosch changed their auth-system to single-key. Can this integration be updated to support it?

Official mail by Bosch:

Aufgrund einer Aktualisierung unseres zentralen Cloud-Systems werden die Bosch Smart Gardening App und die damit verbundenen Dienste für unseren Robotermäher Indego von Montag, 27. Februar bis Mittwoch, 1. März 2023 nicht verfügbar sein.

Nach dem Upgrade ist es erforderlich, die Bosch Smart Gardening App auf die Version 4.0 aktualisieren. Frühere Versionen bieten keinen Zugriff mehr auf den Indego.

Im Rahmen des Upgrades unseres zentralen Cloud-Systems erfolgt eine Umstellung der bisher verwendeten lokalen E-Mail-Konten auf zentrale Bosch ID-Konten.

Das ermöglicht es unseren Nutzerinnen und Nutzern, ihre Anmeldedaten für alle Bosch-Produkte zu nutzen. Es umfasst unter anderem auch unsere MyBosch-Plattform, die weitere Servicevorteile rund um unsere Produkte, wie z. B. Garantieverlängerungen, bietet.

Je nach Art des Benutzerkontos, mit dem der Indego gekoppelt ist, sind aufgrund des Upgrades gegebenenfalls zusätzliche Schritte erforderlich. Nachfolgend die entsprechenden Details.

[jm-73]

Sure!
But I will also remind everybody that it is a community effort. My mower is in storage until april/may sometime. I will not look into this until then. But feel free to contribute with code. I will gladly accept pull requests from anybody and also test them. It is not hard to learn Python, it only takes some time. And it is not that hard when all the job is already done. modifications are much easier than to write the integration from scratch.

[jm-73]

Cool. Lets hope someone picks up the challenge to look into the code.

[jm-73]

Capable? BS. I couldnt write a single code of Python a couple of years ago...

[jm-73]

I know that before people have used the Android app. The files are just zipped in an apl file. The Ios app is encrypted, the files cannot be reversed engineered.

[sttaelma]

I would love to try get this to work, but sadly I don't think I am capable enough to do this here. It would be great if someone can use this to get this working again! btw. with the new app at least I still cant get my indego to work. Does the app work for anyone yet?

you need to reset the app - so clear the cache and data - it seems

[sttaelma]

i have found a start at least:

the clientid is hardcoded in the code, as is the redirect_uri and the scope. not sure about the code_challenge part

[kp-bit]

Sure! But I will also remind everybody that it is a community effort. My mower is in storage until april/may sometime. I will not look into this until then. But feel free to contribute with code. I will gladly accept pull requests from anybody and also test them. It is not hard to learn Python, it only takes some time. And it is not that hard when all the job is already done. modifications are much easier than to write the integration from scratch.

Fair enough, the mower does not need to be online though to test the login, this is purely authentication between HA (or the BoschSmartGarden app) and the backend.

[sttaelma]

i have found a start at least:
the clientid is hardcoded in the code, as is the redirect_uri and the scope. not sure about the code_challenge part

@sttaelma just out of interest how did you find this link? I am Just learning how to do this. and resetting the app sadly didn't help. I probably have to rebind the indego.

could the code_challenge be password and username somehow encoded?

Force reset the app, and before logging in copy the link, paste it in postman

Also, it seems that the home connect integration also works with that same ID website, maybe that's a way to go?
I'm kinda stuck myself now

[glppfr]

Some progress on the login protocol by looking at Authorization code flow with OAuth 2.0 Azure Active Directory B2C https://learn.microsoft.com/en-us/azure/active-directory-b2c/authorization-code-flow

1/ Get an Authorization code
As mentioned by @sttaelma, the url is the following https://prodindego.b2clogin.com/prodindego.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?redirect_uri=com.bosch.indegoconnect://login&client_id=65bb8c9d-1070-4fb4-aa95-853618acc876&response_type=code&scope=openid%20offline_access%20https://prodindego.onmicrosoft.com/indego-mobile-api/Indego.Mower.User
NB: I removed code_challenge & code_challenge_method as it seems to be optional for this request.

This will bring to custom login page with Bosch ID / Apple or Facebook
When clicking on Bosch ID, it will bring the SingleKey ID login page: https://identity-myprofile.bosch.com/ids/login
Once you login, you will get a response with the authorization "code"

2/ Get an Access Token
Follow the protocol and use the following url with the "code" from step1
https://prodindego.b2clogin.com/prodindego.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/token?grant_type=authorization_code&client_id=65bb8c9d-1070-4fb4-aa95-853618acc876&scope=openid%20offline_access%20https://prodindego.onmicrosoft.com/indego-mobile-api/Indego.Mower.User&code=COPY_CODE_FROM_STEP1&redirect_uri=com.bosch.indegoconnect://login&code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
NB: the code_verifier is dummy here, maybe it's part of the problem after ?

You get a successful answer with an "access_token"

3/ Use the token
My understanding is that the "access token" should now be passed as Authorization header (Bearer token type) to the indego API url like https://api.indego-cloud.iot.bosch-si.com/api/v1/authenticate?accept_tc_id="202012"&device=""&dvc_manuf="unknown"&dvc_type="unknown"&os_type="Android"&os_version="4.0"
FYI in the indego java code, the bearer is also mentioned for authorization.

Unfortunately I just get 403 forbidden

Any clue to solve this ?

[glppfr]

@HAuser1234 before I login on the single key id login page, I launch the Developer tools / Network in chrome.
Then after I enter the login information, I get a "Please wait.." page.
In the Network tab, the last line is a response from https://prodindego.b2clogin.com/prodindego.onmicrosoft.com/oauth2/authresp which is starting by com.bosch.indegoconnect://login/?code=XXXXXXXX
The authorization code is the XXXXXXXX

Be careful that Authorization codes are very short-lived. Typically, they expire after about 10 minutes. So you need to use the code fast to succeed in step2

Did you manage to capture HTTP traffic from the actual indego app ? maybe it could help to understand what is missing to call the indego api. Clearly the bearer access token is not enough, maybe some sso cookies are also necessary.

[sander1988]

3/ Use the token My understanding is that the "access token" should now be passed as Authorization header (Bearer token type) to the indego API url like https://api.indego-cloud.iot.bosch-si.com/api/v1/authenticate?accept_tc_id="202012"&device=""&dvc_manuf="unknown"&dvc_type="unknown"&os_type="Android"&os_version="4.0" FYI in the indego java code, the bearer is also mentioned for authorization.

Unfortunately I just get 403 forbidden

I was trying the same thing for hours... it seems there no need to call /authenticate after finishing the OAuth process! Just call the API you need info from with the Bearer header set :-) . My mower is still in winter storage. But this data seems to be correct...

[sander1988]

I'm wondering if some already started implementing the OAuth login in this HA plugin? I can do this, but I would like to know if someone already started to prevent us from developing the same thing ;-).

Note that I have forked this project a few months ago to implement several small improvements. The most important one: Moved the configuration from yaml to GUI. I haven't yet opened a merge request as I wanted to test it myself after mower winter storage. Using this plugin config through the GUI would also make the OAuth flow more user friendly.

[jm-73]

Pull requests are welcome!

[sander1988]

I got the OAuth flow working in my dev environment, but there is a catch I would like to discuss first (before I fully implement it in the API calls)...

Redirecting 'com.bosch.indegoconnect://login/?code=XXXXXXXX' to HomeAssistant was a hard one to solve. I have created a small Chrome extension to solve this issue which injects a redirect in the auth response. The user has to install this extension (temporary) before adding the component in HomeAssistant.

I can't think of another cleaner way, except from Bosch allowing us to add custom client IDs like they did for the Home Connect API https://www.home-assistant.io/integrations/home_connect/ . But I couldn't find a Bosch developer portal for Indego.

Is this acceptable? Or does someone have a better idea?

[pinsdorf]

Hello @sander1988, thanks for looking into this. Much appreciated!

I'm surprised that it takes an extra browser plugin to authenticate, because OAuth and OpenID Connect are broadly adopted technologies. Many HA addons should have the same problem. Are you aware of HomeAssisants documentation on OAuth handling for integrations? In addition I found HA tipps for authentication but this looks like authentication against HA.

So, I'd assume there is a better way than an extra Chrome plugin, but I did not try myself so I cannot tell exactly how.

[sander1988]

I'm surprised that it takes an extra browser plugin to authenticate, because OAuth and OpenID Connect are broadly adopted technologies. Many HA addons should have the same problem. Are you aware of HomeAssisants documentation on OAuth handling for integrations? In addition I found HA tipps for authentication but this looks like authentication against HA.

True, the HA API makes it easy to integrate OAuth ; that's I'm using. Normally it's not that difficult (this is not my first OAuth integration). But I think the challenge in this case it's clear enough. Let me explain...

• Bosch OAuth server requires a registered Client ID. We couldn't find a way to register a new OAuth client for the Indego scope. So we have to use the one extracted from the app as a workaround.
• This Client ID has a static redirect URL prefix configured: com.bosch.indegoconnect://login . Which we can't change otherwise the OAuth request is denied.
• The browser doesn't handle the URL schema com.bosch.indegoconnect ; so it stops/blocks the redirect after authenticating.
• I have created a Chrome Extension to handle the schema com.bosch.indegoconnect and redirect it to HA.

[pinsdorf]

Thanks, @sander1988. Your explanation makes the problem much clearer to me. The custom URL prefix is a common way to have a specific app reacting to a URL. The app simply registers itself as handler for the custom protocol and gets the request (callback) presented. Could we likewise register the Indego addon as custom protocol handler in HA?

[sander1988]

Could we likewise register the Indego addon as custom protocol handler in HA?

Yes and no. Yes if we write a fully custom OAuth helper for HA. No, when we use the build-in HA helper.

Why? The OAuth helpers in HA work like this:

1. Auth flow is handled by the browser.
2. Token refresh is handled by HA.

Point 1 is where we need to handle com.bosch.indegoconnect://login. I think I just came up with solution to work around this, but that takes much more development time to integrate.

The idea: Develop a custom HA OAuth helper which proxies the auth flow web requests through HA (instead of directly in the browser) so we can replace/handle com.bosch.indegoconnect://login when it receives the redirect response. I'm pretty sure this will work, but I don't have the time to develop this at the moment.

I'm to thinking of focussing on fixing the auth so we can use this component. And development a v2 of the auth which don't require the Chrome Extension when there is time.

[sander1988]

It works! I see data, but I can't test sending commands to the mower at the moment. I will do that within a few weeks when weather improves.

I will monitor the integration for stability the next couple of weeks and create updates if an issue appears.

I have created to merge requests:

• Adds OAuth (Bosch SingleKey ID support)  pyIndego#117
• Adds OAuth (Bosch SingleKey ID support) #173

Please check first:

• Is info.md still relevant? I think it should be removed.
• The README.
• Merge this MR: Adds OAuth (Bosch SingleKey ID support)  pyIndego#117 . Afterwards I can update the manifest in this MR.

[glppfr]

Congratulations @sander1988 this is quite impressive how you managed to support the new oauth flow ! The chrome extension is a great bypass. Let's hope Bosch will enable us to add custom client id and secret in the future.

[JeedHome44]

@sander1988 sorry for me bad english, i'm french ! thank you so much ! it's work for me !
Can you add State number please in your integration ?
Before i use Jeedom to connect my Indego. Now i will use Home assistant.
With Jeedom, i had state number before and i use it in automation.
it's possible or no? Mower state detail is already state number?

[sander1988]

I will monitor the integration for stability the next couple of weeks and create updates if an issue appears.

I noticed that the client can get into a update state loop when the Bosch servers are down for some time (e.g. HTTP status 502). I had already tried to suppress such scenarios (https://github.com/sander1988/Indego/blob/master/custom_components/indego/__init__.py#L448) but it doesn't seem to be enough.

@jm-73 - It there a reason why the client has been designed to suppress errors (return None) rather than raising them? This makes it harder to detect failure from the implementation side (in this case HA).

[sander1988]

Can you add State number please in your integration ?

@JeedHome44 - Do you mean the integer key of the mower state? https://github.com/jm-73/pyIndego/blob/ca6adbf8ac39875a32babaabef5011bfe6d40bfb/pyIndego/const.py#L92

E.g. 260 when the mower is charging?

[JeedHome44]

Can you add State number please in your integration ?

@JeedHome44 - Do you mean the integer key of the mower state? https://github.com/jm-73/pyIndego/blob/ca6adbf8ac39875a32babaabef5011bfe6d40bfb/pyIndego/const.py#L92

E.g. 260 when the mower is charging?

Hello!

Yes please I need this information in number. Possible tu have a sensor with this in number ?
All action work perfectly.
Only 1 think don't work: binary_sensor.indego_XXXXXXX_alert

Mower is ok but Alert is always true.

[sander1988]

Only 1 think don't work: binary_sensor.indego_XXXXXXX_alert

Mower is ok but Alert is always true.

Looking at the code this is true when there are more than 0 alerts in history. I have not changed this. In my opinion it should also check the read/unread status of the alert and only show 'Problem' in HA when there are unread alerts. Maybe open another issue when more people agree on this?

So I expect that when you remove all alert messages (using the app) the state in HA resolves to OK after some time.

[sander1988]

Yes please I need this information in number. Possible tu have a sensor with this in number ?

But it still works as an extra attribute, right? Why does it need to be another separate sensor?

[JeedHome44]

Yes please I need this information in number. Possible tu have a sensor with this in number ?

But it still works as an extra attribute, right? Why does it need to be another separate sensor?

Oh sorry yes it's work ! I don't see attribute before.

Good work !

[jk-andersen]

I tested this - great work, thanks a lot for your work here!

[sander1988]

Maybe it's time to merge the pull request with the new authentication method into the main branch and release a version. Whatever testing is still needed, the old version is unusable anyway.

Is there anything left preventing us from merging the change?

I agree! I have the latest version running now for 5 days without any issue.

[jm-73]

Merged today!

[jm-73]

But I cant get my installation to work...

[jm-73]

2023-04-26 22:32:52.043 DEBUG (MainThread) [custom_components.indego.config_flow] Application credentials found, NOT creating

2023-04-26 22:32:57.099 INFO (MainThread) [custom_components.indego.config_flow] Successfully authenticated

2023-04-26 22:32:57.099 DEBUG (MainThread) [custom_components.indego.config_flow] Testing API access by retrieving available mowers...

2023-04-26 22:32:57.100 ERROR (MainThread) [aiohttp.server] Error handling request

Traceback (most recent call last):

File "/usr/local/lib/python3.10/site-packages/aiohttp/web_protocol.py", line 433, in _handle_request

resp = await request_handler(request)

File "/usr/local/lib/python3.10/site-packages/aiohttp/web_app.py", line 504, in _handle

resp = await handler(request)

File "/usr/local/lib/python3.10/site-packages/aiohttp/web_middlewares.py", line 117, in impl

return await handler(request)

File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 85, in security_filter_middleware

return await handler(request)

File "/usr/src/homeassistant/homeassistant/components/http/forwarded.py", line 100, in forwarded_middleware

return await handler(request)

File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 28, in request_context_middleware

return await handler(request)

File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 80, in ban_middleware

return await handler(request)

File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 235, in auth_middleware
return await handler(request)

File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 146, in handle

result = await result

File "/usr/src/homeassistant/homeassistant/components/config/config_entries.py", line 171, in get

return await super().get(request, flow_id)

File "/usr/src/homeassistant/homeassistant/helpers/data_entry_flow.py", line 96, in get

result = await self._flow_mgr.async_configure(flow_id)

File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 271, in async_configure

result = await self._async_handle_step(

File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 367, in _async_handle_step

result: FlowResult = await getattr(flow, method)(user_input)

File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 332, in async_step_creation

return await self.async_oauth_create_entry(

File "/config/custom_components/indego/config_flow.py", line 78, in async_oauth_create_entry

api_client = IndegoAsyncClient(

TypeError: IndegoAsyncClient.init() got an unexpected keyword argument 'token'`

[sander1988]

I would guess the pyIndego lib is not the new version that supports the new Single-Key auth. As 'token' is one of the new arguments.

[kimzeuner]

i have an issue too, everything is working fine as long as i don't restart my HA after adding the indego. if i restart HA i get the following log entry (also after multiple restarts):
Logger: homeassistant.config_entries
Source: helpers/config_entry_oauth2_flow.py:209
First occurred: 06:41:30 (1 occurrences)
Last logged: 06:41:30

Error setting up entry Paula (128603577) for indego
Traceback (most recent call last):
File "/usr/src/homeassistant/homeassistant/config_entries.py", line 383, in async_setup
result = await component.async_setup_entry(hass, self)
File "/config/custom_components/indego/init.py", line 223, in async_setup_entry
await indego_hub.update_generic_data_and_load_platforms(load_platforms)
File "/config/custom_components/indego/init.py", line 369, in update_generic_data_and_load_platforms
generic_data = await self._update_generic_data()
File "/config/custom_components/indego/init.py", line 616, in _update_generic_data
await self._indego_client.update_generic_data()
File "/usr/local/lib/python3.10/site-packages/pyIndego/indego_async_client.py", line 262, in update_generic_data
self._update_generic_data(await self.get(f"alms/{self.serial}"))
File "/usr/local/lib/python3.10/site-packages/pyIndego/indego_async_client.py", line 546, in get
return await self._request(method=Methods.GET, path=path, timeout=timeout)
File "/usr/local/lib/python3.10/site-packages/pyIndego/indego_async_client.py", line 477, in _request
self._token = await self._token_refresh_method()
File "/config/custom_components/indego/init.py", line 328, in async_token_refresh
await session.async_ensure_token_valid()
File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 499, in async_ensure_token_valid
new_token = await self.implementation.async_refresh_token(self.token)
File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 92, in async_refresh_token
new_token = await self._async_refresh_token(token)
File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 182, in _async_refresh_token
new_token = await self._token_request(
File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 209, in _token_request
resp.raise_for_status()
File "/usr/local/lib/python3.10/site-packages/aiohttp/client_reqrep.py", line 1005, in raise_for_status
raise ClientResponseError(
aiohttp.client_exceptions.ClientResponseError: 400, message='Bad Request', url=URL('https://prodindego.b2clogin.com/prodindego.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/token')

Do you have any idea what is wrong ?

[sander1988]

@kimzeuger - First make sure you are one the latest version with a fix for a similar issue (#173 (comment)). Also make sure your HA (or this integration) isn't offline for longer than 12 hours ; this is a limitation we can't fix and caused by a misconfiguration by Bosch (see #173 for more details)

When it still happens please provide a few things:

1. The full log with the indego components in debug mode (see below) including the logs of the last 15 minutes before your HA restart.
2. Give the us the date and time of when you have added the integration.
3. Give the us the date and time of when you have restarted HA.
4. Please provide the component OAuth state from the json file config/.storage/core.config_entries (you should redact your tokens). See below.

Enable debug mode for these components:

...
logger:
  logs:
    homeassistant.helpers.config_entry_oauth2_flow: debug
    custom_components.indego: debug
    pyIndego.indego_async_client: debug
...

Your OAuth state should look something like this:

        "domain": "indego",
        "title": "Grasmaaier (XXXXXX)",
        "data": {
          "auth_implementation": "indego",
          "token": {
            "access_token": "XXXXXX",
            "id_token": "XXXXXX",
            "token_type": "Bearer",
            "not_before": 1682547556,
            "expires_in": 86400,
            "expires_on": 1682633956,
            "resource": "XXXXXX",
            "id_token_expires_in": 86400,
            "profile_info": "XXXXXX,
            "scope": "https://prodindego.onmicrosoft.com/indego-mobile-api/Indego.Mower.User offline_access openid",
            "refresh_token": "XXXXXX",
            "refresh_token_expires_in": 2592000,
            "expires_at": 1682633956.3937583
          },
          "mower_serial": "XXXXXX",
          "mower_name": "Grasmaaier"
        },

[kimzeuner]

@sander1988 - Thanks for your quick reply, seems as updating to the latest version fixed it. Sorry for disturbing, should have been able to manage this on my own.

[Jeroenth]

All, I have installed the latest version and now I am trying to enable the integration. After being redirected to the website, the website of Bosch first showed me the single-ID page, which I filled in. Thereafter it stays on a page that just says "Please wait"

Any idea?

[LarsLautrup]

All, I have installed the latest version and now I am trying to enable the integration. After being redirected to the website, the website of Bosch first showed me the single-ID page, which I filled in. Thereafter it stays on a page that just says "Please wait"

Any idea?

Have you installed the Chrome extension?
There's a .zip-file in the develop-branch.

/Lars.

[Jeroenth]

All, I have installed the latest version and now I am trying to enable the integration. After being redirected to the website, the website of Bosch first showed me the single-ID page, which I filled in. Thereafter it stays on a page that just says "Please wait"
Any idea?

Have you installed the Chrome extension? There's a .zip-file in the develop-branch.

/Lars.

@LarsLautrup, thanks for the quick reply! solved the issue (or actually not issue, just not reading properly)

[Mikaaaeru]

Hi, I'm sorry but I don't find the chrome extension for the login can anyone help ?

[r2b5]

Hi, I'm sorry but I don't find the chrome extension for the login can anyone help ?

https://github.com/sander1988/Indego/blob/master/chrome-extension.zip

[35aportal]

All,
As a previously content HA and Indego user, I'm really grateful for the work put in by several on this thread to get things working again after the Single-ID changes implemented by Bosch. Regrettably, I'm not able to find a clear set of steps that I can follow to get my Indego working again.

I got as far as the 'code' described in glppfr's post from Mar 7, but that's it. I'm not sure that the code (which is much longer than the "XXXXXXXX" shown in the Mar 8 post) is correct and what I must do with it. The rest of the messages in the thread don't make any sense to me and so I'm stuck.

I'd be immensely grateful if someone more knowledgeable than me could assemble a set of steps that a novice could follow?

[kaystrobach]

please consider installing the chrome extension mentioned above. this made it easy to connect for me.

[35aportal]

Wow - how easy was that!

So the 'novice' steps are...

1. Remove the old HACS integration.
2. Install the Chrome extension - https://github.com/sander1988/Indego/blob/master/chrome-extension.zip.
3. Copy the files from https://github.com/jm-73/Indego/releases/tag/5.0.1 to your PC - unpack the files - upload the contents of the Indego\custom_components\indego folder to your custom_components folder.
4. Reboot HA (not restart, do a full reboot).
5. Add the integration through the HomeAssistant interface (Settings > Devices & Services > Add Integration). Search for 'Bosch Indego Mower' - follow the prompts

And that's pretty much it - thanks again to all who made this possible.

[sytchi]

1. Remove the old HACS integration.
   ...
2. Copy the files from https://github.com/jm-73/Indego/releases/tag/5.0.1 to your PC - unpack the files - upload the contents of the Indego\custom_components\indego folder to your custom_components folder.

you can also download the fixed version with no manual file copying

• go to HACS
• open "Bosch Indego Mower" integration
• click on three dots in the upper right corner
• choose "Redownload"
• select "show beta versions"
• choose 5.0.1
• click download

Then you follow points 2, 4 and 5 from the above with no change:

• Install the Chrome extension - https://github.com/sander1988/Indego/blob/master/chrome-extension.zip.
• Reboot HA (not restart, do a full reboot).
• Add the integration through the HomeAssistant interface (Settings > Devices & Services > Add Integration). Search for 'Bosch Indego Mower' - follow the prompts

[codecat42]

@sander1988, thanks for this feature! @35aportal and @sytchi, thanks for the nice summary!

Using the browser's developer tools (Firefox in my case) I was able to provide Home Assistant with the authentication reply without a browser plugin (although it requires minor manual work). When you get the Please wait... reply in the browser's window, click on the last POST request to prodindego.b2clogin.com. It should have Location header in it's response that looks similar to:

Location: com.bosch.indegoconnect://login/?state=...&code=...

Just take the part beginning with the question mark (?) and all following data and append it to this url:

https://my.home-assistant.io/redirect/oauth

The result should look something like this

https://my.home-assistant.io/redirect/oauth?state=...&code=...

and allows the authentication flow to finish.

[steveteuber]

@codecat42 Many thanks! This is working like a charm. I made the mistake and replaced the domain
my.home-assistant.io with my custom domain which ends in a 404: Not Found...

When someone wants to use their own domain you can use the following url:
https://my-custom-domain.tld/auth/external/callback?state=...&code=...

[Neo91284]

I have successfuly managed to implement this integration to my Home Assistant. Many thanks to the developer.

Are there only sensors in that Integration? I ready about something that in the current Version there should be a vaccum card available for Indego. But I have none? I created a Template Vaccum with Battery Level and Start/pause/Dock command but i'm not able to integrate States (in my language) as well?
How to do this?

[kaystrobach]

Works

should look like this

[Neo91284]

Works

should look like this

Is your response related to my question? - I have no issues with adding this Indego Integration to my HASS but i don't have to option to use Indego as a vacuum. I have manually addes a Template Vaccum with Mow/pause/dock but State is missing - i'm not able to realize the state of the Mower within this Template Vacuum.
But nevertheless I've read that the current version of this integration allready has a "vaccum option" integrated - or was that missunderstanding?

[kaystrobach]

yes

I‘m using the mushroom vacuum card and it seems to provide the state correctly - hope it helps.

type: custom:mushroom-vacuum-card
entity: vacuum.indego
commands:  
 - on_off 
 - start_pause  
 - stop  
 - return_home
tap_action: 
  action: toggle

[Neo91284]

Yes, and i have no vaccum.indego by default - only when i manually setup an template vacuum...
I'm using V. 5.0.1 of this integration - is there any newer one?
On the Screenshot you've provided is see that you have 12 entities - I have 11 and I'm using an Indego M+ 700 2nd gen

[kaystrobach]

I think the vacuum came with 5.1.0 not 5.0.1

[jm-73]

I am going to close this issue as it is solved. I recommend you guys to continue this discussion over at Discord:
https://discord.gg/aD33GsP