Xiaomi Cloud Tokens Extractor

🔐

Authentication

Username Accepts: Email address, phone number (mostly CN accounts), or Xiaomi account ID

Password

Server Region 💡 Choose the region where you created your Xiaomi account or where your devices were purchased
You can switch to other regions after login without re-authenticating

📁

Drop session file here

or click to browse

🔐

Two-Factor Authentication

Please follow these steps:

Open this URL in your browser:
Choose your verification method (SMS or Email)
You'll receive a 6-digit verification code
DO NOT enter the code on Xiaomi's website!
Close the browser and enter the code below:

🔒 Privacy & Security Disclosure

What This Tool Does

This tool extracts device tokens and authentication keys from your Xiaomi account. These tokens are used to locally control your Xiaomi smart home devices without going through Xiaomi's cloud servers.

How It Works

Authenticates with Xiaomi's servers using your credentials
Retrieves a list of all devices linked to your account
Extracts device tokens and BLE keys for local control

Data Handling

No storage: Your credentials are never stored on the server
Session files: Saved locally on your device only
Direct communication: All API calls go directly to Xiaomi servers
Open source: Code is fully auditable on GitHub

Security Recommendations

Use HTTPS when deploying this tool
Keep session files secure - they contain authentication tokens
Enable 2FA on your Xiaomi account
Consider using app-specific passwords if available

Disclaimer: This is an unofficial tool not affiliated with Xiaomi. Use at your own risk. The tool replicates the functionality of the Python-based Xiaomi-cloud-tokens-extractor project in a web interface.

VERSION 1.3.0

GitHub Original Python Version