Dashboard

HA Offline
people

Total Users

0

check_circle

Authorized Users

0

meeting_room

Total Rooms

0

devices

Devices

0

vpn_key

Today's OTPs

0

link

Today's Device Calls

0

trending_up

Successful Requests

0

trending_down

Failed Requests

0

API Request Success Rate

0% Success
Success: 0
Failed: 0

System Performance Activity

No activity logs recorded yet.
Display Name Username Status Created Date Actions
Display Name Mobile Number (10 Digits) Date Added Actions
Device Name Room Entity ID Device Type Description Status Perform Actions

Connection Parameters

Configure details for local or remote Home Assistant instances.

Enter IP address or host name. Ensure it is accessible by this backend server.
Generate this token inside your Home Assistant profile page (at the very bottom).
info

Dynamically Compiled Endpoints

Below is the list of auto-generated URL paths for every configured device. All client request endpoints require a valid client JWT token set in the Authorization: Bearer [TOKEN] header.

build Interactive Link Parameters

Lumi Gateway API Reference Manual

Clean, comprehensive developer integration guide for triggering smart home actions.

Interactive API Link Generator (Testing Helper)

Type values into the parameters below. The URL paths and cURL commands in the reference manual below will update in real-time for easy copy-pasting.

Authentication & OTP Flow

Clients authenticate using their registered mobile number. The system verifies identity via a WhatsApp/SMS One-Time Password (OTP) before granting access to device endpoints.

1. Requesting an OTP

Send a request with the mobile number in the URL path. This sends a 6-digit OTP code to the registered number on WhatsApp.

GET /api/auth/otp/[YOUR_MOBILE]
2. Verifying the OTP

Verify the code received. On success, the response returns a JWT bearer access token.

GET /api/auth/verify/[YOUR_MOBILE]/[YOUR_OTP]

Controlling Smart Devices

Once authenticated, devices can be triggered directly in one of three ways by targeting a device's [DEVICE_ID] (find these under the Devices tab):

Option A: Direct URL Trigger (No Headers, Best for Browser Links/Tasker/Widgets)

Append the mobile and verified otp as query string parameters directly in the URL address bar. This functions as a stateless activation link.

GET /api/device/[DEVICE_ID]/toggle?mobile=[YOUR_MOBILE]&otp=[YOUR_OTP]
Option B: Direct Token Trigger (Query Parameter)

Pass the JWT token returned from verification directly in the URL address query parameter.

GET /api/device/[DEVICE_ID]/toggle?token=[YOUR_JWT_TOKEN]
Option C: Standard POST API Trigger (Best for Custom Code Integrations)

Send a standard HTTP POST request with the JWT token set in the Authorization header.

POST /api/device/[DEVICE_ID]/toggle
Requires Headers: Authorization: Bearer [YOUR_JWT_TOKEN] and Content-Type: application/json

What is the cURL Button & Why is it there?

Under the Generated APIs tab, each device endpoint includes a cURL button.

  • What it is: cURL is a command-line tool used to transfer data with URLs. It runs directly inside terminal shells (like Command Prompt, PowerShell, Linux Terminal, or macOS Terminal).
  • Why it's there: It allows installers and developers to immediately copy a working request command, paste it in their command terminal, and verify if the backend gateway successfully connects to Home Assistant. It serves as a rapid testing and debugging tool without needing to write custom software.
Timestamp Mobile Number Gateway Request API OTP Status Details
Shows user endpoints currently authenticated via OTP JWT sessions.
Mobile Number Verified OTP Created At Expires At Client Device / User Agent Actions
Timestamp User / Number API Endpoint Target Device Action Triggered Response Status Latency

Backup & System Restore

Download a single master JSON file containing the entire system configuration, users, rooms, devices, and histories.


Restore the database state from an existing backup JSON file.

WhatsApp / SMS Gateway Config

OTP & Session Expiry Config

Time duration before the sent OTP code expires (1 - 60 minutes).
How long the authenticated client session remains active after OTP verification.

Server Host & Health Diagnostics

Process StatusOnline
Uptime-
CPU Architecture-
System RAM-
RSS Node Memory-
Core Processor-

Change Administrator Password

Ensure security credentials are changed periodically.