Access token is a unique numeral key that is required for the integration of Xiaomi Mi Robot Vacuum Cleaner. 1S with third-party smart home systems such as Home Assistant, ioBroker or Node-RED. Without it, connecting to alternative platforms is impossible, since the manufacturer limits the official API Apps: Mi Home or Xiaomi Home.
Many users face a problem: the token does not appear in the device settings, and standard methods for extracting it (for example, through Packet Capture on Android) stopped working after firmware updates. In this article, we will analyze all the current ways to obtain a token for Vacuum Cleaner. 1S, including official and workarounds, as well as common errors that interfere with successful connection.
If you plan to use a vacuum cleaner with voice assistants (Alice, Google Assistant) or automate cleaning through scripts, the token will become a prerequisite.It is important to understand that its issuance does not violate the warranty, but requires caution - improper actions can lead to locking the device in the Xiaomi account.
What is a token and why is it needed
Token is an analogue of a password for interacting with API It is generated by Xiaomi servers when you first connect the vacuum cleaner to your account and is used to authorize requests. Without the token, third-party systems will not be able to send commands to Vacuum Cleaner. 1S, The server will reject them as unauthorized.
The main scenarios where a token is required:
- ๐ Integration with Home Assistant or OpenHAB to control vacuum cleaner through a single smart home panel.
- ๐ค Automating cleaning on schedule or triggers (for example, in the absence of people at home).
- ๐ฑ Use of alternative applications with advanced features (e.g. Valetudo for open source firmware).
- ๐ Voice control via Alice or Google Assistant without official Xiaomi app.
Important: the token is tied to a specific device and account, and if you dump the vacuum cleaner to the factory settings or reconnect it to another Xiaomi account, the old token will stop working and you will have to re-acquire it.
Since 2022, Xiaomi has tightened its security policy, and now the token is not displayed openly in the Mi Home app.This is due to the risks of data leakage and unauthorized access. However, there are legal and semi-official ways to extract it, which we will discuss below.
Official method: request token via Mi Home (if available)
The easiest method is to get the token directly from the Mi Home app.Unfortunately for Xiaomi Vacuum Cleaner 1S It doesn't always work, because newer versions of the app have a hidden option, but it's worth a try:
- Open Mi Home and go to your vacuum cleaner page.
- Press three points (โฎ) top-right โ Select Settings.
- Scroll down to the General block and find Device Information (or About in English).
- If the token is available, it will be displayed in the Token or Communication token field.
If there is no token item, then your version of the app or vacuum cleaner firmware does not support this method, in which case move on to alternative options.
๐ก
Before searching for a token, update the Mi Home app to the latest version, sometimes an option appears after an update.
Alternative method: extracting the token through Packet Capture (Android)
This method works on Android smartphones and requires the installation of additional software. The essence of the method is to intercept network traffic between the Mi Home application and Xiaomi servers, where the token is transmitted in an unencrypted form.
Step-by-step:
- Install the Packet Capture app from Google Play.
- Launch Packet Capture and press Start. The app will ask you to install the certificate โ confirm.
- Open Mi Home and wait until the vacuum cleaner connects to the network (should display the status Online).
- Return to Packet Capture, stop recording and search the logs for api.io.mi.com or miot-spec.org.
- In the body of the answer, look for the line โtokenโ: โ...โ โ this is the desired key.
If the token is not found, try:
- ๐ Reboot Mi Home and Repeat Traffic Capture.
- ๐ฑ Use a different Android smartphone (some Packet Capture models are unstable).
- ๐ง In Packet Capture settings enable Decrypt option HTTPS.
Why canโt the token be displayed in Packet Capture?
Receiving a token through miio-cli (for advanced users)
If previous methods failed, you can extract the token using the Miio-cli utility, a command line for working with Xiaomi devices (Linux/macOS) or PowerShell (Windows).
Instructions for Windows:
- Install Node.js from the official website (nodejs.org).
- Open PowerShell on behalf of the administrator and execute the command: npm install -g miio-cli
- Connect to the vacuum cleaner (replace) IP_DRESS to the real thing IP Devices in your network: Mio discover --sync If the vacuum cleaner is not found, indicate IP hand-held --ip IP_ADRES INFO
- In the output command, look for the token line: โ...โ is the token.
For Linux/macOS The steps are similar, but instead of PowerShell, use Terminal.
Typical errors and decisions:
| Mistake. | Reason. | Decision |
|---|---|---|
| Error: Device not found | The vacuum cleaner is not in the same network with a smartphone / PC | Connect both devices to the same Wi-Fi network |
| Error: Invalid token | Token is obsolete or incorrect | Get a new token by one of the described methods |
| Error: Handshake failed | Blocking by Xiaomi | Reboot the vacuum cleaner and try again |
โ๏ธ Preparation for work with mio-cli
How do you know? IP-Address of the Xiaomi Vacuum Cleaner 1S
Without knowledge. IP-Most methods of obtaining a token will not work. There are several ways to determine it:
Method 1: Through the Mi Home app
- Open Mi Home and go to the vacuum cleaner page.
- Press three points (โฎ) โ Settings โ Device information.
- IP-The address will be listed in the Local Network or Wi-Fi info section.
Method 2: Through the router
- Go to your routerโs web interface (usually at 192.168.0.1 or 192.168.1.1).
- Find Connected Devices (or DHCP Clients)
- In the list, find a device called roborock.vacuum. or miio: โ this is your vacuum cleaner.
Method 3: Through the command line (Windows)
- Open the Command Prompt (Win + R โ enter cmd).
- Follow the command: arp -a
- In conclusion, look IP, near-indicated MAC-address 78:11:DC or 7C:01:9E (Typical prefixes for Xiaomi devices).
๐ก
IP-The vacuum cleaner address may change when you restart the router if you do not have a binding set up on the router. MAC. To avoid problems, fix IP customized DHCP router.
What to do if the token is not found: alternative solutions
If none of the methods worked, there are a few workarounds:
1. Call for support for Xiaomi
In rare cases, support can provide a token on request if you confirm ownership of the device.
- ๐ง Please contact us with the request for Mi Home device token.
- ๐ Attach a check or photo of the device with the serial number.
- ๐ Indicate Device. ID (You can find it in Mi Home. โ Settings of the device).
2. Use a cloud token (less secure)
Some services (such as Home Assistant) support a cloud token connection that can be accessed in Mi Home:
- Open Mi Home โ Profile โ Account settings.
- Find the Beijing Mi Cloud or Account Management section.
- Create a Cloud Token (if available).
The disadvantage of this method is dependence on Xiaomi servers: if they are inoperable, vacuum cleaner management will be unavailable.
3. Install custom firmware (for experienced users)
Firmware like Valetudo or Dustcloud can bypass the limitations of Xiaomi, but require unlocking the bootloader and firmware through the UART. This is a risky process that can disable warranties and disable the device.
๐ก
Before installing custom firmware, back up the original miio-cli command miio backup.
Security: How not to lose the token and not to lock the device
The token is the key to controlling your vacuum cleaner, so leaking it can lead to unauthorized access.
What NOT to do with the token:
- ๐ซ Publish in open sources (forums, GitHub, social networks).
- ๐ซ Transfer to third parties, even if they promise to help with the setup.
- ๐ซ Store in cloud services (Google Docs, Dropbox) without encryption.
How to properly store the token:
- ๐ Save it to an encrypted file (e.g. KeePass or 1Password).
- ๐ Print and store in a safe place (if you are afraid of digital leaks).
- ๐ Use a password manager with two-factor authentication.
If you suspect that the token has been compromised:
- Untie the vacuum cleaner from your Xiaomi account (Mi Home) โ Settings of the device โ Remove the device).
- Reset the device to factory settings (press the Reset button for 5 seconds).
- Get a new token and set up the integration again.
๐ก
Check the list of connected devices in Mi Home regularly, and if an unknown device appears, change the password from your Xiaomi account.