iCloud Binding Communication Error

The versions from today include code field in UI.
You will need to delete and readd account thing to see it.

1 Like

thank you - had the old version

@maihacke - thank you very much for your work! Binding is actually working fine!

This did the trick ! Thanks for all your help hard work and effort !

Worked super and identified lots of different types of devices. Strangely some that are not assigned to my account anymore and others like my iPhone not.

All 3 icloud account can go online successfully.
Thanks a lot !

First: Thank you very much! Having 2 Bridges with about 10 devices and works fully fine without errors! So glad you did the job! owntrack was a workaround, but this is much better.

Just an idea / thought of mine:
Not sure, but believe after reboot of server a new 2FA could be needed (not tested yet).

An alternative (channel for the code?) would be great (on bridge level or special item under the bridge).

This could make it possible to send e.g. a telegram message after reboot and send the code independend from being in the network. If there is already a solution to set the code (with text configured thing too) yet, a short “rule-sniplet” would be welcome.

Just out of curiosity. The whole auhtentication mechanism from Apple still depends on user/password supplied in the binding config? No change to tokens or a more sophisticated account access level?
I would love to use the binding to give openHAB access to coordinates/charging level etc. But not to photos, documents etc. Apple still does not support some granular authorisations do they?


Not sure if it helps… but I am one more from the many of us trying to get icloud at my openhab, and the history loops always to the same problem with the broken plugin. I was a little bit desperate looking for alternatives, and thanks to this community I found some people experiencing with pyicloud python. I am a python person, and realized with some small coding I can build my own icloud extractor being openhab agnostic. This code can retrieve the info of every icloud device under my account, and by config I can propagate it thru mqtt or thru direct openhab apis to feed data. I also added an specific message to propagate also by mqtt or openhab items that when 2factor credentials are expired, to be noticed

If you are interested, feel free to take a look at GitHub - redcorjo/mqtt_pyicloud . Just published today and still very basic description how to use it. Mainly, ensure to run install pyicloud first at your desktop (I use mac and raspberry), and run under the same account planned to execute this script also the initializing of icloud --username user@domain.com value

Perfect - I have three accounts and all of them are up and running now! Thanks a lot for your work!

Not sure if this is a bug or not, just letting you know. After getting the iCloud Account authenticated, about three hours went by and I noticed I received a notification on my phone to reauthorize the 2-FA code. I clicked “Allow” when it popped up and it just clicked “OK” when it gave me the 6 digit code. I did notice that in the log I received a warning

 2022-11-10 20:29:52.133 [WARN ] [l.handler.ICloudAccountBridgeHandler] - ICloud token invalid.

It is still working, (I sent a Find My iPhone Request and it notified me, and is registering location and battery) Just letting you know!

Updated and tested. Works out fine. Great work :+1:. Thanks a lot.

Just an idea / thought of mine:
Not sure, but believe after reboot of server a new 2FA could be needed (not tested yet).

The binding stores a token which is validated by the access code. I’m not sure how long this is valid, but it is not required to enter a token after each restart.

That’s interesting. Since there is no public available documentation of the used API (in fact I reimplemented was phyicloud does in java), we have to see what happens over time.

Hi Simon
i tried to configure your RC1 version but i wont receive a 2FA code via SMS.
First i had to see that my openHAB iCloud account was locked without any information or a chance to unlock.
So i created a new one, invited him into the family sharing and then tried to use the iCloud binding.
The credentials are correct and the binding seems to start the 2FA process but i wont receive the code.
Does it only work with real iCloud accounts that are logged into atleast one Apple device?
I would like to use a dummy that isn´t used on any device and that only has access to the information through the family sharing.
This worked with the old iCloud binding.


Because 2FA only is send to the devices logged in with this Apple ID the answer is yes. You need a device on this bridge Apple ID

So Apple is able to send me the 2FA code via SMS but this binding triggers the 2FA process in a different way that the 2FA code will be send to a device?

Giving openHAB access to my main iCloud account that can purge all of my devices seems like a rather bad idea.

From what I got from the pyicloud binding there is another authentication method called (2-step authentication). With 2-sa you select a device to which the sms is send. It is technically different from the 2-fa authentication which I implemented in the binding currently. Integrating this into the binding would be even more complicated because you would have to specify the device to which the sms should be send to.
I could think of integrating that into the binding, if it is “broader” demand in the future. To be honest currently I’m happy that it is working with the 2-FA.

If you want to, you may experiment with pyicloud and check if what is called 2sa (2-step-authentication) would solve your problem. It is explained here: GitHub - picklepete/pyicloud at f96b0d8c24a03109f15693f341656baf99ad5ab9

elif api.requires_2sa:
    import click
    print("Two-step authentication required. Your trusted devices are:")

    devices = api.trusted_devices
    for i, device in enumerate(devices):
    device = click.prompt('Which device would you like to use?', default=0)
    device = devices[device]
    if not api.send_verification_code(device):
        print("Failed to send verification code")

I neither implemented what’s behind “requires_2sa” nor “send_verification_code(device)”. If you find out that 2SA is solving your problem we could discuss if there is a way to integrate this into the binding.

For the moment I recommend using your normal I cloud account. Even if the API is undocumented, I see a very very low risk that the implementation will lead to a purging of your device (no guarantee ;-)).

1 Like

Thanks for the quick info about the 2SA authentication.

I´m going to setup a old iPad with the new openHAB iCloud account and use this.
Hopefully your new integration works better and doesn´t break every year :slight_smile:

Thank you for your work. replaced the .jar, restarted open hab and everything went online again.Without any issues.
Didn’t had to change my .things file!

@maihacke thanks a lot for your effort and support! This is very much appreciated for this very important binding I personally already half-abandoned.
I am on 3.4.0.M4 and it definetely works!

However, I frequently receive messages from apple that someone logged into iCloud via a web browser. I did not observe this before making use of this binding. I have also the python script in place where I have not observed this behavior before. Is this intended?

Btw, currently I am running both in parallel: the python script and your fabulous fixed iCloud binding.