Remote acces to API

Remote acces to API

fyapobifyapobi Posts: 1Member

Hello,
Despite what seems to be adequate port forwarding, all my GET requests do not return an answer when fired from outside the LAN.
Is this by design? if yes, does a workaround exist? Why blocking so many interesting use cases?

Thanks

Comments

  • edited 07/05/2018 - 09:33
    Zach@Bose[email protected] Posts: 143Admin

    Hi fyapobi,

    Yes, this is by design for security purposes. Unfortunately, there is no direct workaround. We definitely understand the huge amount of use cases a remotely-accessible API can provide, and are factoring that into future API planning, but in the meantime this cannot be achieved through port-forwarding.

    One potential option to enable some of these use cases would be to build out a client on your LAN that more securely talks to a remote server. As a conceptual example, you can check out what I did to hack together a SoundTouch Alexa skill a couple years ago before our official one was live: https://github.com/Zach-Rose-Bose/SoundTouch_Alexa_Skill. It's not a scalable or performant solution, but the Local and Remote server concept there uses polling of the cloud from the LAN to retrieve requests which are then executed directly on the LAN.

    Let me know if you have any further questions on this topic!

    -Zach

  • edited 10/13/2018 - 05:29
    tm9tm9 Posts: 1Member

    Hey,

    the soundtouch 20 igrnoes any packets which are from outside the network.
    The soundtouch 10 accepts every tcp packet from everywhere.
    So really security?

    -timo

  • Zach@Bose[email protected] Posts: 143Admin

    Hi timo,

    Can you confirm your SoundTouch 10 is on firmware version 19.0.5 or later? That was the version where we implemented this security mechanism. Can you also provide information about the steps you took where you observed your SoundTouch 10 accepting all packets regardless of where they were sent from?

Sign In or Register to comment.