Xiaomiβs robot vacuum cleaners (including the Roborock and Dreame brands) require a special authorization token to integrate with third-party smart home systems β from Home Assistant to Node-RED. Without this 32-digit key, you wonβt be able to control the device through a device. API, The problem is that Xiaomi does not officially provide the token to users, hiding it in encrypted requests of the Mi Home mobile app.
In this article, we will discuss 5 current ways to extract a token, from simple (via application logs) to advanced (using Python and mitmproxy). S7, Xiaomi Mi Robot Vacuum-Mop 2 Pro and Dreame Bot D9. Particular attention will be paid to bypassing the new restrictions of Xiaomi, which block the old ways of obtaining a token through batch sniffing.
1.What is a robot vacuum cleaner token and why is it needed
The token is a unique session identifier that is generated by Xiaomi servers when the device is first connected to the Mi Account.It is valid indefinitely (if you do not reset the device) and allows you to:
- π Connect the vacuum cleaner to Home Assistant, ioBroker or OpenHAB without an official application.
- π Get advanced telemetry (e.g. real-time cleaning cards or brush status).
- βοΈ Use undocumented commands API (For example, setting up cleaning areas through coordinates).
- π« Circumvent regional restrictions (e.g. include features not available in your country).
Without a token, you are limited by the standard Mi Home app, where many parameters (such as suction speed or cleaning intervals) are blocked by the manufacturer, and a token is required to back up settings before you flash or reset the device.
β οΈ Warning: The token is tied to a specific device and Mi Account. If you sell a vacuum cleaner, be sure to drop it to factory settings, otherwise the new owner will be able to manage your account through the use of a new one. API.
2. Method 1: Receiving a token through the Mi Home (Android) application logs
The simplest method that works on 90% of devices (except newer models with protocol) MIOT SPEC V2). You'll need it:
- π± Android smartphone (version 8.0 and higher).
- π§ Mi Home app (version 6.5.400 or later).
- π₯οΈ Computer installed ADB (Android Debug Bridge).
Steps:
- Connect your smartphone to your computer USB and turn on Developer Mode (7 times click on Build Number in phone settings).
- In the Developer Settings, activate Debugging over USB.
- Open Mi Home, log in and connect the vacuum cleaner to your account.
- On the computer, run the command: adb logcat | grep -i "Token or for Windows (in PowerShell): adb logcat | findstr /i "token"
- In the logs, find the line of the form: "token": "5f4dcc3b5aa765d61d8327deb882cf99" This is your token (32 characters).
Check out the Mi Home version (update or roll back to 6.5.400)
Reconnect the vacuum cleaner to your account
Use the Adb Logcat filter | grep -E "password|token|did"
Try another method (see below)
-->
If you see an encrypted string instead of a token (e.g., βtokenβ: β****β), your model uses a new protocol, in which case you move to Method 3.
3. Method 2: Extracting a token through HTTP-proxy (mitmproxy)
This method is suitable for all models, including the new Roborock. S8 and dreame bot L10, But it requires networking skills, and we're going to be able to intercept traffic between the Mi Home app and Xiaomi servers.
Required SO:
- π₯οΈ mitmproxy (install via pip install mitmproxy).
- π± Android smartphone (root is not required, but you need to install a certificate).
- π Application for configuring proxy (for example, ProxyDroid).
Instructions:
- Run mitmproxy on your computer: mitmproxy --mode transparent --showhost
- On your smartphone, set up a proxy on IP your computer (port 8080).
- Install the mitm.it certificate on your phone (download it through your browser, then install it in Settings). β Security β Install it from the vault).
- Open Mi Home, log in and wait for synchronization with the vacuum cleaner.
- In the mitmproxy logs, find a request to the domain api.io.mi.com with the following /app/genToken or /home/rpc/....
- The server response will be a "result" field: {"token": "..."}.
| Model vacuum cleaner | Does mitmproxy work? | Notes |
|---|---|---|
| Roborock S5/S6 | β Yes. | Token in response to /app/genToken |
| Xiaomi Mi Robot Vacuum 1S | β Yes. | Look for a request to /home/rpc/PROP_NAME |
| Dreame Bot D9/D10 | β οΈ Partially. | Traffic interception required miot-spec:// |
| Roborock S8 Pro Ultra | β No. | Use Method 4 (Python script) |
β οΈ Attention: C 2023 Xiaomi has started encrypting some traffic through the protocol QUIC (HTTP/3). If mitmproxy does not intercept requests, turn off mobile Internet in your phone and use only Wi-Fi.
Method 3: Automated token acquisition using Python
For users familiar with Python, there are ready-made scripts that extract the token through the official token. API Xiaomi. The most reliable is miio-cli or the Python-miio library.
Installation and use:
- Install the library: pip install python-miio
- Get the Device. ID and MI Cloud Token (instruction below).
- The first is from miio import vacuum vacuum. = Vacuum(ip="192.168.1.100", token="YOUR_TOKEN_HERE") print(vacuum.info())
How to Get Device ID and MI Cloud Token:
- Log in to account.xiaomi.com.
- Open the Developer Tools (F12) β tab.
- Find a request to https://account.xiaomi.com/pass/serviceLoginAuth2.
- The answer will be the βuserIdβ field (this is yours). MI Cloud Token and βdeviceId".
π‘
If the script gives an error Device is offline, check that the vacuum cleaner and the computer are on the same network, and the firewall does not block port 54321 (used by default to communicate with Xiaomi devices).
For new models (Roborock) S7 MaxV, Dreame Bot X30) Use a modified version of the library:
pip install git+https://github.com/Maxmudjon/com.xiaomi-miio.gitShe supports protocol. MIOT SPEC V2.
5. Method 4: Alternative applications for token extraction
If previous methods have not worked, try specialized utilities:
- π± Mi Home Token Extractor (Android): automatically parsing token from Mi Home database.
- π₯οΈ Xiaomi Cloud Tokens Extractor (Windows/macOS): It works through Mi Account without access to your phone.
- π Online token generators (e.g. miot-spec.org): suitable for open-source models API.
The Mi Home Token Extractor is a good example:
- Download and install. APK-File (requires permission to access storage).
- Open the app and click Extract Tokens.
- In the list of devices, find your vacuum cleaner - the token will be in the Token column.
β οΈ Note: Some alternative applications (such as Mi Home Mod) may contain malicious code. XDA Developers or 4PDA.
Method 5: Manual request to API Xiaomi (for experienced users)
This method is suitable if you have MI Cloud Token (from Method 3) We will send a direct request to the API Xiaomi to get a device token.
Steps:
- Get a did (Device) ID) Your home: Open your home β tap on the device β Settings β General. β Device information, or go to the logs. ADB line with "did": "123456789".
- Query via curl (replace variables): curl -X POST "https://api.io.mi.com/app/genToken" \ -H "Content-Type: application/x-www-form-urlencoded" \ -H "User-Agent: MiHome/6.5.400" \ -d "clientId=YOUR_CLIENT_ID&data=%7B%22deviceId%22%3A%22YOUR_DID%22%7D&signature=YOUR_SIGNATURE" Where: YOUR_CLIENT_ID β ask out /pass/serviceLoginAuth2 (field"). YOUR_SIGNATURE β The signature generation is described here.
"token"
To simplify the process, use the ready-made script in Python:
import requests
import json
url = "https://api.io.mi.com/app/genToken"
headers = {"User-Agent": "MiHome/6.5.400"}
data = {
"clientId": "YOUR_CLIENT_ID",
"data": json.dumps({"deviceId": "YOUR_DID"}),
"signature": "YOUR_SIGNATURE"
}
response = requests.post(url, headers=headers, data=data)
print(response.json()["result"]["token"])How to generate a signature for a request
7. Frequent errors and their solutions
When you get a token, you're going to have a typical problem, and here's how to solve it:
| Mistake. | Reason. | Decision |
|---|---|---|
| Invalid token or 401 Unauthorized | The token is outdated or the server region is incorrect. | Get a new token or change servers in Mi Home (e.g. China Mainland). |
| Device not found | The device is not tied to the account or disabled. | Reconnect the vacuum cleaner to Mi Home and check Device ID. |
| mitmproxy does not intercept traffic | The application uses pinning certificates. | Install the JustTrustMe patch or use Frida to get around. |
| Python script gives you timeout | The vacuum cleaner does not respond to local requests. | Check it out. IP-device address and turn off VPN/firewall. |
If you get a mistake -9999 (typical for new devices, which means that your model uses a new protocol. MIOT SPEC V2. In this case:
- Update the python-miio library to the latest version.
- Use an alternative script: pip install miio2.
- Check out your model support at miot-spec.com.
π‘
If none of these methods worked, try dumping the vacuum cleaner to the factory settings and repeat the process of linking to the account, sometimes resetting the restrictions on issuing a token for new devices.
8 Security: How to Protect Your Token
The token gives you complete control over your vacuum cleaner, so its leakage can lead to:
- πͺ Unauthorized device management (for example, starting a cleaning operation in your absence).
- π Leaked data about the layout of your house (cleanup cards contain coordinates of walls and furniture).
- π Mi Account Compromise (if an attacker gains access to other devices).
Safety recommendations:
- π Never publish a token in open repositories (e.g. on GitHub).
- π Store the token in encrypted files (e.g. KeePass or 1Password).
- π Regularly (every 3-6 months) change the token, re-binding the vacuum cleaner to the account.
- π‘οΈ Limit access to the local network: set up a rule on the router so that the vacuum cleaner can only communicate with trusted ones IP.
If you suspect a token leak:
- Untie the vacuum cleaner from your Mi Home account immediately.
- Change the password from the Mi Account.
- Reset the device to factory settings (button) RESET case).