[RELEASE] TP-LINK TAPO Plug, Switch, Bulb, Hub and Robovac Integration

This integration with app and drivers is designed to support:

  • TAPO Bulbs, Plugs, Switches, and HUB
  • TAPO HUB installed sensors
  • TAPO Robovac
  • KASA MATTER Plugs and Switches
  • KASA Hub

The integration does not support:

  • non-Matter KASA devices (different API and Protocol)
  • KASA TRV (connects to TAPO Hub (need data)
  • Other TAPO HUB devices not listed above (need data)

HUBITAT MATTER Implementation and this integration: This integration has some level of duplication with the Hubitat Matter Implementation. I recommend using the Matter Implementation if sufficient to your needs.

  • If so, then delete that device from this installation.
  • If not, delete that device from Hubitat Matter and use the capability herein.
  • This should be rechecked periodically as the Hubitat team matures the Matter implementation.

Current Version: 2.3.7b.
a. Added TAPO Robovac control. Known issue: It does not yet support going to explicit areas as defined by Maps (RV30 vacs). Need data. NOTE: If upgrading for robovac, you must reset the Credentials in the App prior to installing. Otherwise, the install will fail.

gitHub location: GitHub - DaveGut/tpLink_Hubitat: TP-Link TAPO device integration for Hubitat Environment

Installation Instructions: https://github.com/DaveGut/tpLink_Hubitat/blob/main/Docs/TapoInstallation.md

Device Descriptions: https://github.com/DaveGut/tpLink_Hubitat/blob/main/Docs/TapoDevices.md

Update: Update works only from Version 2.3.6 and above. Update Process for 2.3.7:

  • Update code for app and drivers.
  • Run app and run Tapo Discovery (this will check for protocol changes).
  • Assure you exit app normally. Sechedule app functions will NOT be initiated if you exit the app abnormally.

Issues finding devices?


I’ve installed via HPM, but am having a problem configuring the credentials.

I can enter my tapo used id, but the app seems to generate a random password and I can not enter my existing tapo password. Clicking on the password box just generates another random password.

It seems to be a problem with the safari browser on my ipad. I can not enter the password, clicking on the box just generates another random password. I suspect it’s apple trying to be clever/helpful by picking a secure password for you. I’ve had similar before, but you can usually delete the generated password and enter the correct one.

I tried again using edge on my PC, and had no trouble entering the password and my devices were discovered.

I’m not sure if there’s an attribute on the password field that gets safari in a mess?

Thanks for the app, I should be able to control my tapo switches now without calling out to nodered.

1 Like

Seems to be broken for me unfortunately, after new installation via HPM.

Configuration ends with error messages.

InstalledDevices: []
Discovery did not end properly. Check LAN and LAN Segments

I have Tapo and Kasa linked in the Tapo app if this makes a difference?

Any ideas please? Thanks

Also I tried to turn on debug logging and got another error 'Error: Handler method cannot be empty'.

Now cannot go back into the app :frowning:

Unexpected Error

An unexpected error has occurred trying to load the app. Check Logs for more information.

Error: Handler method cannot be empty

I’m no expert on this, but I did get it working for me.
Have a look at the hubitat logs for the application, and see if any of the errors relate to credentials. I had an issue (above) that I had not entered the credentials, for some reason ios/safari had pre-filled a new password. windows/edge allowed me to put these in correctly.
You could try limiting the ip range to scan, there wer some comments about this, however I scanned a full range (2 to 254) with no problems.

1 Like

Had a credential error in logs so have just reset password in the Tapo app and tried fresh install, but still getting credential errors:

app:9482023-10-26 06:18:52.709 PMwarntapo_device_install-2.3.6a: [method:getKlapDeviceData, baseUrl:, sessionData:[protocol:KLAP, handshakeValidated:false, status:ERROR], respStatus:FAILED, reason:Login process failure. Check credentials.]

app:9482023-10-26 06:18:52.667 PMinfotapo_device_install-2.3.6a: [method:klapLogin, handshake:[method:klapHandshake, localSeed:[-123, -2, 26, 34, -117, 55, -50, 1, 81, -81, -113, -97, 75, -106, -60, 96], uri:, localHash:[-29, 40, 114, 116, 17, 20, 60, 13, 53, 104, 5, -124, -45, 8, 86, -85, 116, -117, -20, -15, 124, -6, 15, 45, -10, 75, -82, -32, -74, 22, -101, 104], errorData:[method:klapSyncPost, uri:, cookie:null, status:HTTP Failed, data:org.apache.http.ConnectionClosedException: Premature end of Content-Length delimited message body (expected: 48; received: 0), headers:groovyx.net.http.HttpResponseDecorator$HeadersDecorator@562e73], validated:false]]

app:9482023-10-26 06:18:52.510 PMwarntapo_device_install-2.3.6a: [method:getDiscData, status:INVALID, respData:null, error:groovy.json.JsonException: expecting '}' or ',' but got current char '"' with an int value of 34

So there appears to be a credential failure, but I know the right password is being used having just changed it and logged out and back into the Tapo app. Am I missing something 'special' about email / password entry in the app config?


Interestingly the new password works fine in the Home Assistant Tapo integration. But is not yet being recognised when I log into my Tapo Deco router. Feels like some lag in Tapo's back end password syncing, which could perhaps be an issue for this.

Do you have the 2fa turned on your tapo account? I haven’t, but if you have I’m not sure if the app can handle that?
Have you hit the button “create encoded credentials” on the app once you’ve entered them?

Warn and error messages indicate invalid credentials (go figure).

  1. There is an issue where the TAPO/Kasa Matter devices do not immediately update the internal username and password when you update the cloud version through the app. I do not know how to resolve this (someone needs to research). But the integration requires the devices version of username and password, not the Tapo App version. (I believe this is updated eventually, but not immediately. I will NOT break my system to test this.)

  2. I believe that two factor identification only impacts the cloud control, not local control.

  3. There will be a new version coming out in the next few weeks. Does not fix this issue; however, it will log the username and password in plain text WHEN you create new credentials.

My light strip just updated firmware and changed protocol (to new KLAP security). This software handled it fine with some errors (hopefully, corrected on next release but hard to verify). Worst case is 15 minutes until the change is discovered by the APP. IT WORKS!

No, I don't currently have 2FA turned on, though I did previously :thinking:

And yes, I have pressed the button “create encoded credentials” on the app.

Still doesn't work for me anymore.

FYI I have removed app for now and will rely on Home Assistant and Home Assistant Bridge for now, but will try the next version when released :hand_with_index_finger_and_thumb_crossed:

I'm confused about the TP-Link bulbs. I have Kasa bulbs - mostly KL135. I see now that they have an 1100 lumen bulb that's branded "Tapo" Tapo L535E. Do I have to have a different cloud account? And will the built-in Kasa integration control these or do I need this driver? Always interested in bright bulbs...


No. But you will need to load the Tapo app to your phone. Once loaded, it will control both you Kasa devices as well as the Tapo devices.

You will need this integration for the Tapo devices - Separate from the Kasa devices.

Notes on Kasa vs Tapo device control differences:
  • The TP-Link Kasa devices (non-matter) use a different API, encryption, port, and connection protocol than the Tapo devices. Because of this, the code to do all in the same app/driver set becomes very complex with all associated error risks.
  • The built in Hubitat Kasa integration is on-purpose currently limited to the legacy Kasa devices.
  • Kasa Matter devices:
    • Kasa Matter devices use the same API, Encryption, port, and connection protocol as the Tapo devces.
    • On the C-8 Hub, the primary for integration is the built-in Matter implementation. One current issue is that the Matter Definitions in the initial Matter implementation do not include energy monitor functions (KASA EM MATTER PLUG - KP125M). They will in a future version.
    • On earlier Hubs, this integration supports the Kasa Matter devices. (The Kasa Matter devices use the same api, protocol, etc. as the Tapo devices.)

Version 2.3.7b now available. Adds Robovac capability.

This integration is working very well for me. I’m also using it now via the nodered integration to make my tapo devices available to nodered, as the native nodered implementation broke following a recent firmware upgrade.

My question is around, what happens if you delete & recreate a tapo device? If it’s created with the same name and ip, will the existing device in HE still be present & function.?

The reason I ask, is that I’ve changed my router, and just discovered the only way to move tapo devices to a new SSID is to delete & recreate them. So I’m wondering whether to use a new (preferred) SSID or replicate the old SSID/password if the migration is a big task. I’d rather change the SSID name.

For the Hubitat App, after changing the ip address through the Tapo phone app, simply run the integration app and discover devices. After discovering the devices, it should NOT offer up the existing devices for install; however, the integration app will UPDATE the IP Addresses. (do not forget to set static IP address (DHCP reservations) in you new router.

Note: The reason node red broke is that TAPO changed the connect protocol for devices. My devices are designed to automatically adapt (checked every three hours) between the two.

I’ve already moved the dhcp server to the new router and have address reservation for all the tapo devices, so they still get their original address.
If I just delete the tapo device and set it up again with the same name, what do I then need to do?
The device will receive the same ip and I’ll give it the same device name.
I’m hoping to not get new devices, as I’ll then have to update all my webcore pistons, dashboards etc.

If the IP address has not changed, then you should have to do nothing.