Owning a robot vacuum cleaner from Xiaomi or its sub-brands like Roborock and Viomi opens up vast opportunities for automating cleaning. However, standard mobile app functionality is often not advanced enough for users who want to integrate the device into a smart home system or use third-party scripts. This requires a unique access key called a token. Without this long set of characters, it is impossible to locally manage the gadget through Home Assistant, Node-RED or other platforms.
The process of obtaining a token can seem complicated only at first glance, since the manufacturer deliberately hides this data for security purposes. The token is a 32-digit hexadecimal code that serves as a digital passport of your device on the local network. In this article, we will look at all the current ways to extract this information, from the simplest methods through installed applications to more technical solutions for power users.
It's worth noting that the methods may vary depending on your smartphone's operating system and the firmware version of the vacuum cleaner itself. Some require a Windows or macOS computer, others run exclusively on Android. The token doesn't change after you restart the router, but it can change when you completely reset the vacuum cleaner to factory settings. So keep the resulting code in a safe place immediately after you receive it.
Why do we need a token and where does it apply?
The main purpose of obtaining a token is to go beyond the manufacturer’s ecosystem. The standard Mi Home or Xiaomi Home application runs through the company’s cloud servers, which sometimes leads to command delays or inability to manage in the absence of the Internet. Local management through the token allows you to send commands directly to the local network, providing an instant response.
Most often, the token is required to integrate with the popular Home Assistant platform, which allows you to create complex automation scenarios that are not available in the native application, for example, to run cleaning only when a smartwatch detects that you have left the house, or send a notification to Telegram if the dust container is full.
⚠️ Warning: The token gives you full access to the device's management. Never share this code with anyone or share screenshots of it in public.
In addition, knowing the token allows you to use specialized libraries for Python or Node.js, creating your own management programs, you can analyze cleaning maps, install virtual walls where the application does not allow, or even modify the firmware devices, although the latter carries risks.
Method 1: Receiving a token through the Mi Home (Android) application
The most common method for Android smartphone owners who already have the Mi Home app installed. It is important to understand that modern versions of the app hide the token, so it will require the use of special tools or modified versions of the software to extract it.
One way is to use a plugin for Mi Home that can pull out tokens of connected devices, which may require installing an application from third-party sources, since Google Play often does not have such versions. Once you install the plugin and log in under your account, the list of devices with their tokens will be available for viewing.
Alternatively, you need root rights on your device. If your smartphone is rooted, you can access the Mi Home application database where all the keys are stored. The path to the file is usually /data/data/com.xiaomi.mihome/databases/mihome.db. Opening this database through a SQLite editor, you can find a table with the devices and copy the value of the token.
Risks of using modified applications
If you don't want to risk your primary account or mess with root rights, there are desktop utilities that emulate login and pull out tokens, which work by intercepting network requests or analyzing local cache after synchronization.
Method 2: Using Python script on a computer
For users who don’t want to install dubious apps on their phone, the ideal solution is to use a computer. The method is based on the Python library, which interacts with Xiaomi servers. You will need to install Python on a computer (Windows, macOS or Linux) and execute several commands in the terminal.
You first need to install the library itself. Open the command line or the terminal and type in the command to install the batch manager if it is not already installed, and then the miio library itself. This will only take a few seconds if you have a stable Internet connection.
pip install python-miioOnce the library is installed, you need to execute a command to extract the token, you need to enter your email and password from your Xiaomi account, and the script will send a request to the server, receive a list of devices and display their tokens to the console.
miio extract-tokens --username your email --password your password☑️ Preparation for token extraction
Importantly, this method requires that your account not be protected by two-factor authorization at the time of the request, or that you need to use a special access token instead of a password. If you have two-factor authentication enabled, the process may be more complicated and require a temporary key.
Method 3: Method through iOS and backup
iPhone owners can also get a token, although the process here is slightly different due to the closed operating system.The main method is to create a local backup of the device through iTunes (or Finder on macOS) and then analyze the files of that copy.
The essence of the method is that the Mi Home app stores tokens in a local configuration file. When you create an unencrypted backup (which is possible on some versions of iOS or through special utilities like iMazing), these files can be extracted. However, with the increased security of iOS, this method becomes less and less effective without jailbreaking.
A more reliable way for iOS is to use the Home Assistant app with Xiaomi integration if it supports automatic detection, or use macOS utilities that can read the app data. There is also a method using a PC and an Android emulator, described in the next section, which is often easier for Apple users.
| Method | Difficulty | Required SOFTWARE | Risks. |
|---|---|---|---|
| Android (Root) | Tall. | SQLite Editor | Loss of guarantee |
| Python Script | Medium | Python, Terminal | Account lockdown |
| iOS Backup | Tall. | iMazing, iTunes | It doesn’t work for new iOS |
| Emulator | Low. | BlueStacks, Nox | Minimum |
Method 4: Android Emulator on PC
The universal solution for all operating systems is to run an Android emulator on your computer, and programs like BlueStacks, NoxPlayer or LDPlayer create a virtual Android device that you can install the Mi Home app on.
Once you install the emulator and log in to your Google account, download and install Mi Home from Play Market inside the emulator. Sign in to the app under your Xiaomi account. Once the devices are loaded, you can proceed to extract the token.
Depending on the emulator’s capabilities, you can either obtain root rights through the emulator’s settings (usually a checkmark in the startup settings) or use built-in debugging tools. If root is obtained, the path to the database will be standard: /data/data/com.xiaomi.mihome/databases/mihome.db. The file can be copied to the desktop of your PC and opened by any SQLite viewer.
💡
Use a NoxPlayer emulator or LDPlayer, as they often have a built-in Root Rights feature that is easy to activate in settings, making it easier to access system files.
If root rights are not available in the emulator, try using ADB (Android Debug Bridge). Emulators usually support ADB connection via localhost. The adb shell command will allow you to go to the command line of the virtual device and try to read configuration files.
Integration of the token in Home Assistant
Once you've successfully mined a 32-digit code, it's a practical application phase, and most often, tokens are put into the Home Assistant configuration file, which allows you to add a vacuum cleaner as a native device that can be controlled at the speed of light.
To add the device through the interface YAML You need to know the model of your vacuum cleaner, IP-address in the local network and, of course, token. IP-The address should be fixed in the router settings so that it does not change after the reboot, otherwise the integration will stop working.
⚠️ Note: When changing the password from Wi-Fi or resetting the router settings, the vacuum cleaner can get a new one IP-Make sure you use static anchorage. IP (DHCP Reservation) on the router.
The configuration example for the configuration.yaml file is as follows: Note the indentations, they are critical for YAML:
vacuum:
- platform: xiaomi_miio
host: 192.168.1.50
token: 40 characters of your token
name: Xiaomi VacuumOnce the configuration is added, you need to restart Home Assistant. If done correctly, a new vacuum cleaner entity will appear in the interface with all the attributes: cleaning status, charge level, noise level and error, if any.
💡
Static IP-address for vacuum cleaner in the router settings is a prerequisite for stable integration, otherwise after a voltage surge, the control will disappear.
Frequent problems and their solution
Users often experience authorization errors, especially if two-factor protection is enabled in the account, in which case standard scripts may fail, requiring the use of temporary tokens or disabling protection during the procedure.
Another common problem is region incompatibility: If your account is registered in China, and you are trying to use European servers to extract the token, the data may not be determined.
It is also worth remembering that some vacuum cleaners, especially those released for the domestic market in China, may have a modified protocol structure. For such devices, the standard python-miio library may require manual reference of a particular model, such as rockrobo.vacuum.v1 or dreame.vacuum.p2009.