Google Assistant security alarm pin not working using main UI to configure

Running OpenHab 4.0.2 on a pi4

I have setup Google Assistant actions, they work just fine using the UI item GA Metadata.
This is a basic item not a group. I am using the UI and not handcrafting an item file.

I setup a security switch, this works like the other devices from GA turns on and off fine. I can arm and disarm the switch using GA. But there is no prompt for the password. Not sure what I am doing wrong.

I sync devices on the Google Home. My problem is getting the security pin to work using the UI to create the metatdata GA options.

I create Command option metadata for the Item as:

Anyone got this to work using the UI?

Screen shots are next to useless. To post an Item config, click on “edit” and paste what you find in the “Code” tab. Use code fences.

code goes here

Similarly, there is a code tab for metadata.

According to the docs, these are part of the Google Assistant metadata. Not separate metadata.

Checking “Advanced” shows all the fields including these.

Thank you for taking the time to looking at this. Apologies for not including the code, will abandon screen shots in the future:

Google Assistant Metadata

value: SecuritySystem
  checkState: true
  pinOnDisarmOnly: true

Command Options Metadata

value: " "
  options: pinNeeded="1234",pinOnDisarmOnly=true

Looked into the JSONDB I see data exists for the security Items GoogleAssistant and Command options created. It exists.

I do check advanced and the Require Pin for Disarm.

All the properties listed in the docs are in the form including pinNeeded and pinOnDisarmOnly.

Thank you for pointing out the obvious.

I thought “secondary user verification”, was like 2 factor. LOL

Works excellent now, GA says “Can I have your pin”, i provide it, it works as expected. Great keeping my partner in crime happy she does not have to enter a pin to turn on security.

So it is clear this works from the UI, no item hardcoding required!

I hope to help with OH tasks in any way I can, I appreciate the effort this group puts forward.

Thank You.

I agree it’s an odd way to label that field. I’m not sure why it’s called that.

Because Google calls it like that:

Doesn’t mean it makes sense once you get into the openHAB context. The end users of OH are not reading the Google developers docs. Even I had to fill something in and see which property got created on the code tab to discover what that field actually means.

In general - from my perspective - “secondary verification” is kind of a known term in tech?!

What else would you look for in terms of wording? There is even an explanation added…

The words are ambiguous, as much of English ends up being.

When I first read it until I confirmed what the field meant I read it as “secondary user verification” and asked myself “who’s the secondary user and why do they need to verify it”?

It would make more sense if you took out the “user”.

Though since the field represents the pin code, I’d just call it that: “pin code”.

Just for completeness:

All metadata would have needed to go into the “Google Assistant Metadata” of the SecuritySystem item.


value: SecuritySystem
  checkState: true
  pinOnDisarmOnly: true
  pinNeeded: '1234'

Given that response, would you also say “no one” is reading the explanation below the field?

At the end I am very much open to adjust the wording there. And everybody is free to open a PR in the webui repo to do so. :slight_smile:

To me “Secondary Verification” implies, a second factor of authentication. My suggestion would be simply “Security Pin”. Maybe In the comment “Google will prompt for this”.

I am delighted this was provided as it works very well. Thank you for building / contributing to this.


Well exactly it is…

Next to the initiated command a second verification is needed before execution, which is a pin and/or acknowledgment.

And the current comment also explains it like this.

Still struggling to understand the confusion a bit.

Isn’t the command exactly that, just a command? Or an activation of a switch (turn on/off).

I don’t consider the act of changing the state of something authorization it’s an action.

Whether or not a person giving the command is authorized to perform the function is the purpose of the pin. In this case a pin (primary).

As you already give an authorization by providing access to your appliances through a digital assistant which by default should also only be accessible by you, I would call this primary authorization. :grinning:

It’s like telling your neighbor: “can you please open my doors”. Are you by this not also authorizing the person to do so?

I do understand that there is some room for interpretation.
So maybe let’s arrange on some documentation changes to clarify this for the users.

Thank you for suggesting a documentation change/improvement to clarify this.
My suggestion would be to change the field label in Google Assistant MetaData which currently reads “Secondary User Verification Pin” to “User Verification Pin”

Best Regards,