Caution
Eufy is in the middle of a large migration of their ecosystem. The newer Eufy Mega platform (the "5-in-1" app, covering Security / Clean / Lights / Care) is gradually becoming the only supported backend, and Eufy has already started removing access to the legacy APIs this library was originally built on. Until recently both worked in parallel — that is no longer guaranteed.
🔔 What this means for you:
- 🟢 A recent PR restores push notifications against the new v6 ("eufy_mega") backend, so push works again for now. This is a short-term stopgap.
- 🟡 Other functionality that still depends on legacy endpoints may stop working without warning as Eufy continues the rollout. The current Eufy app no longer uses the legacy API at all.
- 🔴 Once the legacy API is fully shut down, this library will stop functioning — no amount of patching here will change that.
🚧 What's next:
A new integration built around Eufy Mega is in active development (auto-discovery, less battery drain for P2P), designed from the ground up rather than bolted onto the Security-only structure, and coordinated across the Home Assistant, Homebridge and Homey communities so the new library works for everyone.
This notice will be updated as the migration progresses.
Small server wrapper around eufy-security-client library to access it via a WebSocket.
Join us on Discord:
The development of this server was inspired by the following project:
Credits go to them as well.
If you appreciate my work and progress and want to support me, you can do it here:
This project is not affiliated with Anker and Eufy (Eufy Security). It is a personal project that is maintained in spare time.
To try it out or for more information, such as API documentation, Docker image, etc., please see here.
Instructions aimed at maintainers for deploying a new version: Deployment
The Eufy cloud handshake requires RSA_PKCS1_PADDING, which Node.js restricted as part of the
Marvin attack fix (CVE-2023-46809). Earlier versions worked around this by launching Node with
--security-revert=CVE-2023-46809, but that flag is no longer recognized on Node 24+ and causes
Node to abort on startup (Error: Attempt to revert an unknown CVE).
This is now handled by eufy-security-client's embedded (pure-JS) PKCS#1 implementation, which is
enabled by default (enableEmbeddedPKCS1Support: true). No Node flag is required and you no longer
need to set anything. To opt out, set "enableEmbeddedPKCS1Support": false in your config file.

