How to get a token vacuum cleaner Xiaomi: all working ways of 2026

Why Xiaomi vacuum cleaner token is so important and where it is used

The Xiaomi device token is a unique 32-digit key that allows you to control a robot vacuum cleaner through third-party applications, scripts or smart home systems. Without it, you can not integrate a vacuum cleaner into Home Assistant, ioBroker or use alternative firmware like Valetudo. Many users face the need to extract the token after buying a used device or when switching from the Chinese Mi Home server to the European one.

In 2023-2026, Xiaomi tightened its security policy: tokens no longer appear in plain form in the application, and old methods of obtaining (via batch sniffer or Mi Home logs) ceased to work. Now, to extract a token, you need to either use official tools with restrictions or resort to workarounds. In this article, we will discuss all the current methods, including those that work with the latest versions of Roborock, Mi Robot Vacuum and Dreame firmware.

We warn you right away: some methods require technical skills (working with the ADB, Python HTTP-If you are a beginner, start with the simplest one: through the Mi Home app (Section 2). For experienced users, we have prepared advanced instructions using miio-cli and manual network traffic parsing.

Method 1: Receiving a token through the Mi Home app (official method)

This is the easiest way, but it only works for devices tied to your Xiaomi account. If the vacuum cleaner was bought used or tied to another region (like a Chinese server), this method will not work - you will need a reset or alternative solutions.

Instructions:

  • πŸ“± Open the Mi Home app and go to the section with your vacuum cleaner.
  • πŸ”§ Click on three dots in the upper right corner β†’ Settings of the device.
  • πŸ”‘ Scroll down to General Settings β†’ Device information.
  • πŸ“‹ You can see the Token bar (older versions of the app) or the Export token button. If you don't have one, read on.

⚠️ Note: Since 2023, Xiaomi has hidden tokens in the app for most regions.If you don’t see this item, try changing your account region to China (mainland) or use the methods in the following sections.

If the token is displayed, copy it and save it in a secure location (such as a password manager) that gives you full access to the device, so don’t give it to third parties.

πŸ“Š What kind of vacuum cleaner Xiaomi you have?
Roborock S7
Mi Robot Vacuum Mop 2
Dreame D9
Another Xiaomi
Not Xiaomi.

Method 2: Extracting a token through HTTP-server (for technically savvy)

This method works by intercepting network traffic between the Mi Home app and Xiaomi servers, requiring a computer and basic terminal knowledge, but is universal for all models of vacuum cleaners (including the Roborock S7, Mi Vacuum Mop 2 Pro, etc.).

Algorithm of action:

  1. Install Python 3.x on your computer and mitmproxy library (via pip install mitmproxy).
  2. Launch mitmproxy and set it up to intercept HTTPS-Traffic (instruction below).
  3. On your phone, connect to the same Wi-Fi network as your computer and install the mitmproxy certificate (download http://mitm.it).
  4. Launch the Mi Home app, log in to your account and wait for the vacuum cleaner to connect to the network.
  5. In the mitmproxy logs, find a request for the domain api.io.mi.com - it will contain a string with a token.

Detailed command to run mitmproxy:

mitmproxy --mode transparent --showhost --ssl-insecure

Once launched, open http://mitm.it in your browser and install the certificate on your phone. Then, in Mi Home, update the status of the device and the token will appear in the log format:

"token": "5f4dcc3b5aa765d61d8327deb882cf99"

⚠️ Note: This method may not work on the latest Mi Home versions (6.0)+) If the token is not displayed, try rolling back to app version 5.9 or using the method with miio-cli (section 4).

Install Python 3.x|Install mitmproxy (pip install mitmproxy)|Connect your phone and computer to the same network|Install a mitmproxy certificate on your phone|Start mitmproxy in transparent mode-->

Method 3: Use of the miio-cli utility (for Linux/macOS/Windows)

Miio-cli is Xiaomi’s official tool for managing devices using the MiIO protocol, which not only allows you to get a token, but also sends commands to the vacuum cleaner directly, and is suitable for users familiar with the command line.

Steps to obtain a token:

  1. Install Node.js (version 14+) and execute the command: npm install -g miio-cli
  2. Connect the vacuum cleaner to the same network as the computer.
  3. Start scanning devices: miio discover In the answer find IP-address of vacuum cleaner and its deviceID.
  4. Get the token command: miio --ip [IP_vacuumer] --token [symbol] --discover-token For example: miio --ip 192.168.1.100 --token 123 --discover-token

If the command is successful, you will receive a response in the following format:

Token: 5f4dcc3b5aa765d61d8327deb882cf99 via miIO protocol

This method works for most models, including the Roborock S5/S6/S7, Mi Robot Vacuum 1S and Dreame Bot Z10 Pro. However, some firmware (such as Chinese) may require additional authentication through a Xiaomi account.

What if the Miio-Cli can't find the device?
1. Make sure that the vacuum cleaner and computer are on the same network (not through the same network) VPN 2. Check that the firewall does not block the UDP-port 54321 (used by miIO). 3. Try to turn off IPv6 4 If the Chinese version of the vacuum cleaner may need to change the region in Mi Home to "China" (mainland).

Method 4: Manual token extraction from Mi Home (Android) files

On Android devices, Xiaomi device tokens are stored encrypted in the Mi Home app folder. To extract them, you will need root access or use the adb utility (without root rights, you can only get a part of the data).

Instructions for users with root:

  1. Install a file manager with root support (such as Root Explorer).
  2. Go on the path: /data/data/com.xiaomi.smarthome/databases
  3. Copy the mihome.db file to your computer.
  4. Open it with SQLite Browser and query: SELECT token FROM devices WHERE model LIKE '%vacuum%' OR model LIKE '%roborock%';

For users without root:

  • πŸ“± Connect your phone to your computer and turn on Debugging. USB.
  • πŸ–₯️ Follow the command: adb backup -f mihome.ab com.xiaomi.smarthome
  • πŸ” Use the Android Backup Extractor (Abe) utility to extract mihome.db from the archive.

⚠️ Note: Latest versions of Mi Home (6.0)+) If you see a 32-digit key in the database, rather than a set of incomprehensible characters, use the decryption manual.

πŸ’‘

If you don't have root rights, but you have a backup of Mi Home (made via Titanum Backup or analogues), try extracting mihome.db from it. Often the tokens are stored there in the open.

Method 5: Alternative methods (for rare cases)

If none of the above methods worked, try these options:

MethodWhen to applyDifficultyNotes
Mi Account Token ExtractorThere is access to the account Xiaomi, which is tied to the vacuum cleanerMediumRequires authorization by cookies from the browser
Resetting the vacuum cleaner to factory settingsThe device is tied to someone else's accountJustAfter resetting the vacuum cleaner must be reconfigured
Appeal for Xiaomi supportThe vacuum cleaner is officially purchased, there is a checkLong time.Proof of purchase may be required
Buying a token on forumsExtreme case (not recommended)Dangerous.High risk of fraud

To reset the Xiaomi/Roborock vacuum cleaner to the factory settings, press the power button for 10-15 seconds until you hear the beep. After that, the device can be linked to your account and receive the token in the standard way.

Important: If the vacuum cleaner was bought hand-held and tied to someone else’s Xiaomi account, a reset doesn’t always help – some models (such as the Roborock S7 with Chinese firmware) require confirmation of the original owner.

Frequent Mistakes and How to Avoid Them

When trying to get a token, users often face typical problems, including the most common ones and ways to solve them:

  • 🚫 Miio-cli: Check that the vacuum cleaner and the computer are on the same network. VPN and the firewall. IP-vacuum address.
  • πŸ”„ The token changes after the vacuum cleaner is restarted: This is normal for some models (like Dreame).Use a permanent token that can be obtained through Mi Home API.
  • πŸ”’ The Mi Home app asks for confirmation SMS When logging in: If your account is linked to a Chinese number, use +86 in front of the number or create a new account with a Russian / European number.
  • πŸ“΅ Mitmproxy does not intercept traffic: Make sure the phone has a mitmproxy certificate installed and encryption disabled in Mi Home (in the app settings).

If you are using Home Assistant or ioBroker, make sure the configuration file indicates the correct deviceID (it can be found in Mi Home in device information or via miio discover).

vacuum:


- platform: xiaomi_miio




host: 192.168.1.100




token: 5f4dcc3b5aa765d61d8327deb882cf99

1. Correctness IP-Addresses (it may change when the router restarts).

2. no locks in the router (some models block local traffic miIO).

3. vacuum cleaner firmware version (Chinese firmware may require additional authentication).-->

Can I get a token without dumping a vacuum cleaner if it is tied to someone else’s account?
Options: Ask the seller to remove the device from your Mi Home account. Use mitmproxy or miio-cli if the vacuum cleaner is on the same network as your computer. For Chinese models (Roborock with CN firmware), sometimes changing the server region in Mi Home to China helps. If nothing helps, then only a reset remains with the risk that the vacuum cleaner will require confirmation from the original owner.
Why is the token received through mitmproxy not working in Home Assistant?
The reasons could be: The token is temporary (some Dreame models generate new tokens every time you connect). Solution: Use miio-cli to get a permanent token. Wrong deviceID in configuration. Check it out through miio discover. The vacuum cleaner is connected to the Xiaomi cloud, not the local network. Disconnect it from the Internet and try again.
How to check if the token works?
The easiest way is to send a test command via miio-cli: miio. --ip [IP_vacuumer] --token [your token] info If the team returns the device information (model, firmware, status), the token is working. If you see an error Invalid token is wrong or outdated.
Can I use one token for several vacuum cleaners?
No. Each token is unique and is tied to a particular device by its deviceID, so if you have multiple vacuum cleaners, you need to get a token for each one separately.
What if the token suddenly stopped working?
Probable reasons and solutions: Xiaomi has updated the firmware vacuum cleaner β†’ Try to get the token back. The device has been reset. β†’ It requires a new peg and a token. IP-vacuum-dress β†’ Update it in the Home Configuration Assistant/ioBroker. The term of the temporary token expired β†’ Use miio-cli to get permanent.