Internet Based Webhooks/Endpoints

I am trying to figure out the best way to accomplish this. I have several Webhooks that originate in IFTTT for different things. For example, if an event is starting soon on my outlook 365 calendar it passes the start and end times and description. Then 15 mins before it starts, my ST system notifies me of the meeting and turns off notifications with a virtual switch. All that is working fine.
What I can't figure out is how to get the Webhooks passed from IFTTT to my hub without opening up my hub completely to the internet. I have forwarded a different port than 80 to 80 so the webhooks go through fine, but this also means that anyone can log onto my hub if the scan for the open port on my router. Is there anyway to avoid this other than using ST as a middle-man for the webhook? So, ifttt would pass the webhook to ST and then ST would make the necessary change.
I have several different things that have no native integration so I use IFTTT. Just seems that I'm taking two steps back having to have something in the middle.

Have you looked at the maker API in Hubitat?

Yes...and this also demonstrates the same problem. The link to trigger the events is my HUBs LAN IP. For example:
http://192.168.1.12/apps/api/56/devices/[Device ID]?access_token=[TOKEN REMOVED]

So, if I wanted to get that command to come from the internet and not on my local LAN, I would have to forward port 80 (or some other port to port 80) on my router. When you do this, it also opens up your hub to COMPLETE control over the internet. Try it out. If you navigate directly to your router on the internet after forwarding port 80 (or a port to 80) it will come directly up to your hub's control panel! That's not good. Even if I hid it so that port 8922 forwarded to port 80 internally, there's still a chance that a port sniffer will detect it. Now my hub is totally exposed. So, how do I get around that?

No forwarding needed I believe. Change the url

https://cloud.hubitat.com/api/ Etc etc.

I also tried forwarding once, as I needed access whilst on holiday. Once back I took it off, not a good idea as you’ve found :wink:

Okay...that's not described ANYWHERE in the documentation on the app though. So, how would someone know the URL to use???

1 Like

Agree. I found that in a post from Patrick. But very, very handy. :+1:

Doesn't seem to work. I get: {"message":"Forbidden"} when I try to post using the link:
http://cloud.hubitat.com/apps/api/9/ifttt/EVENT?access_token=[TOKEN REMOVED]

It doesn't work for devices either. This link:
http://cloud.hubitat.com/apps/api/56/devices/159/on?access_token=
gave me the same error. So I don't know where you found this info but it doesn't seem to work.

From the post here

Hope this can give better info.

2 Likes

THANK YOU!!!! I have been searching for that for hours. In case anyone else stumbles upon this, just to be clear (because in the other thread it takes them 5 posts to get the link correct, the link is:

http://cloud.hubitat.com/api/{HUB-ID}/apps/{APP-ID}/ifttt/{EVENT-NAME}?access_token={ACCESS-TOKEN}

{HUB-ID} = your hub ID from your settings page
{APP-ID} get from your local URL you get from adding an IFTTT event in a webCoRE piston.
{EVENT-NAME} Self-explanitory
{ACCESS-TOKEN} from the local URL from your piston.

6 Likes

I'm getting a 502 bad gateway back when I run one of these URLs against an app from Postman. Is this service stable? Is there a status page to see whether it is up or down?

Works fine for me. You must not have the right link. Did you translate it correctly?

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.