Skip to content

GET /v1.1/devices returns statusCode 100 with an empty deviceList for an owner account (same symptom as #233, likely botRegion=ap routing) #496

Description

@yusukesanse

Analysis

GET https://api.switch-bot.com/v1.1/devices succeeds with statusCode: 100, but both deviceList and infraredRemoteList come back empty, even though the account owns a Hub Mini, a Lock and a Keypad that are all visible and remotely controllable in the SwitchBot app.

This is the exact symptom reported in #233. In that thread, @hsakoh inspected the Android app traffic and found that /prod/account/api/v1/user/userinfo returned botRegion=us for accounts that worked, and botRegion=ap for accounts that returned an empty deviceList. Our account was created in Japan, so it is almost certainly botRegion=ap.

#233 was never answered by the SwitchBot team; the reporters simply observed it fixing itself a few weeks later and the stale bot closed the issue. #326 also appears to be the same class of problem (cross-region routing), and is still open: Functions from 'us-east-1' are not reachable in this region ('eu-central-1').

Because the app can lock/unlock the devices remotely, the device-to-cloud binding itself is clearly alive. Only the OpenAPI view of the account's device inventory is empty. That points at inventory sync or account/region mapping on the OpenAPI backend rather than anything on the client side.

Expected Behavior

GET /v1.1/devices should return the Hub Mini, the Lock and the Keypad that the account owns.

Steps To Reproduce

  1. Create a SwitchBot account in Japan (region ap).
  2. Add a Hub Mini, a Lock and a Keypad to that account. Confirm remote lock/unlock and status work from the app.
  3. Generate a token and secret from the app's Developer Options.
  4. Call GET https://api.switch-bot.com/v1.1/devices with the documented Authorization / sign / t / nonce headers.
  5. The response is HTTP 200, statusCode: 100, message: "success", with both lists empty.

Logs

{
  "statusCode": 100,
  "body": {
    "deviceList": [],
    "infraredRemoteList": []
  },
  "message": "success"
}

Configuration

{
  "endpoint": "https://api.switch-bot.com/v1.1/devices",
  "auth": "HMAC-SHA256 over (token + t + nonce), base64, uppercased",
  "headers": ["Authorization", "sign", "t", "nonce", "Content-Type"]
}

Environment

  • OS: macOS
  • Software: Node.js fetch (standalone script) and a Next.js server route — both give the same empty result
  • Node: v20
  • SwitchBot app: V9.28
  • Account region / country: Japan
  • Devices: Hub Mini, Lock, Keypad

Additional Context

What we have already verified:

  • Token and secret were regenerated, and the request is made with the owner account (not a shared-member account).
  • No authentication failure at any point: we never see a 401, and statusCode is always 100.
  • The devices appear in the SwitchBot app, and remote lock / unlock / status all work from the app.
  • Same empty result whether credentials come from a .env file or are passed inline, and from two independent code paths.
  • Cloud Service is enabled for the devices in the app (ruling out Enable Cloud Service false Even Tough Enabled on App #195).

We can provide on request: exact timestamp in JST, the account email, app version, and raw response logs.

App feedback ticket no.: 1302365

Could you please check whether the account's botRegion (likely ap) is correctly mapped on the OpenAPI backend, and whether the device inventory sync for this account has failed? Since #233 was closed without a root-cause explanation, we would like to avoid simply waiting several weeks for it to resolve on its own — this is blocking a production integration that issues time-limited Keypad passcodes.

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions