NUKI Smart Lock 3.0 Pro https webhook to open/close the door

For example, to unlock the lock you use this web request

url: https://api.nuki.io/smartlock/<LOCK_ID>/action/unlock
headers:
   Content-Type: application/json
    Authorization: Bearer <YOUR TOKEN>
1 Like

Thanks for your help, i’ve check the commands on Swagger UI but i can’t find a info how to get the LOCK_ID. Do you have a suggestion how i can find out?

Use GET https://api.nuki.io/smartlock to get a list of all your smarlocks with smartlockId

1 Like

Thanks for your help, i can open and close the door now with Swagger UI and Swagger UI

But i don’t understand how it works with https… I would like send the https as a action from doorbird device.

For example, 123456789 is my lock id and xyz my API token
Action in the web interface of doorbird:

https://api.nuki.io/smartlock/123456789/action/unlock headers: Content-Type: application/json Authorization: Bearer xyz”

This is not working. How to decode the headers in the https call?

Does regular curl work?

curl -X POST --header 'Content-Type: application/json' --header  'Authorization: Bearer xyz' 'https://api.nuki.io/smartlock/123456789/action/unlock'

No, it’s not working.
I’ve a second option using a webhook from doorbird to homee and from homee to nuki. I post some pictures of this configuration, maybe you have an idea, because that doesn’t work either…





I’m sorry but I don’t know either doorbird or homee so I can’t really comment on them.
Can you try to run the curl command in a command line / terminal window and paste it’s output?

Hi! Do i need the Bridge to do so? Or only the Nuki 3.0 Pro (WiFi)?

Thank you.

The bridge will allow local HTTP API calls.
The SL 3 Pro and bridge both work with the remote API, so if you have a SL3P you can use the cloud based API without a bridge

Thank you! And what if someone knows the URL of me, then he can open the door?

You need to generate an API key in advance at Nuki Web and pass it in a header in all API calls. This acts as a password to block unauthorized API calls.
More details here: Nuki Web API

1 Like

Hi there, this is my first post.
Thanks to this thread, I was able to setup my http request for my Smartlock 3 Pro.
My use case: As the homekit integration does not support to open (=unlatch) the door while already unlocked, I defined a switch that is doing this.
My feedback: The smartlock ID was the most challenging part as Nuki Web shows “a” Smartlock ID for my device (within administration) that is a totally different one I got (and finally need) from the GET

It is the same ID, but in the administration and on the device it is shown in hexadecimal format and the WebAPI needs it in decimal format. You can use an online converter like this one for the conversion.

Thanks for this important remark. It makes sense to either add this to the documentation or change it at least in the administration.

I’ve create a forwarding server with Flask on a raspberry pi now.

import json
import requests
from flask import Flask, request, abort

app = Flask(__name__)

@app.route('/homeetest', methods=['POST'])
def homeetest():
    if request.method == 'POST':
        webhook_url_close = 'https://api.nuki.io/smartlock/12345/action/lock'
        data = { 'authorization': 'Bearer xyz' }
        r = requests.post(webhook_url_close, data=json.dumps(data), headers={'Content-Type': 'application/json'})
        print(r)
        print(request.json)
        return 'success', 200
    else:
        abort(400)

if __name__ == '__main__':
    app.run(host='192.168.192.2')

I get the return value r

<Response [415]>

What it mean? I read something about the -d option is missing. But i don’t unterstand this.

BTW: If i’m using the curl command, it works fine.

I’m using the curl command now.

import os
import sys
import json
import requests
from flask import Flask, request, abort

app = Flask(__name__)


@app.route('/doorclose', methods=['POST'])
def doorclose():
    if request.method == 'POST':
        os.system("curl -X 'POST' 'https://api.nuki.io/smartlock/123456789/action/lock' -H 'accept: application/json' -H 'authorization: Bearer xyz'")
        return 'success', 200
    else:
        abort(400)

@app.route('/dooropen', methods=['POST'])
def dooropen():
    if request.method == 'POST':
        os.system("curl -X 'POST' 'https://api.nuki.io/smartlock/123456789/action/unlock' -H 'accept: application/json' -H 'authorization: Bearer xyz'")
        return 'success', 200
    else:
        abort(400)

if __name__ == '__main__':
    app.run(host='192.168.192.2')

I believe that the issue may be with this line:
data = { ‘authorization’: ‘Bearer xyz’ }
The later requests.post line sends it as data to the endpoint, but Authorization should be passed as a header like in your curl code

1 Like

Okay, you mean it’s needed to be in the headers like this

data = { }
r = requests.post(webhook_url_close, data=json.dumps(data), headers={'Content-Type': 'application/json', 'authorization': 'Bearer xyz' })

I would give it a try…
… Still <Response [415]>

Hi,
Are these http calls available for the smartlock 3 non pro?

Hi Ralph,

If you mean the Smartlock 3 Basic verison, yes, you would need to connect it via the Bridge.