1. Browse to your Home Assistant instance.
2. Go to Settings > Devices & Services.
3. In the bottom right corner, select the Add Integration button.
4. From the list, select Nest and follow the instructions on screen.

By the end of this section you will have a Cloud Project with the necessary APIs enabled

1. Go to the Google Cloud Console.

2. If this is your first time here, you likely need to create a new Google Cloud project. Click Create Project then New Project.

3. Give your Cloud Project a name then click Create.

4. You will need to hold on to your Cloud Project ID to enable a subscription to receive updates from devices. Visit the Cloud Console and copy the Project ID needed by Home Assistant.

   

5. Go to APIs & Services > Library where you can enable APIs.

6. From the API Library search for Smart Device management and click Enable.

   

7. From the API Library search for Cloud Pub/Sub API in the Cloud Console and click Enable.

You now have a cloud project ready for the next section to configure authentication with OAuth.

By the end of this section you will have configured the OAuth Consent Screen, needed for giving Home Assistant access to your cloud project.

1. Go to the Google API Console.

2. Click OAuth consent screen and configure it.

3. Select External (the only choice if you are not a G-Suite user) then click Create. While you are here, you may click the Let us know what you think to give Google’s OAuth team any feedback about your experience configuring credentials for self-hosted software. They make regular improvements to this flow and appear to value feedback.

4. The App Information screen needs you to enter an App name and User support email, then enter your email again under Developer contact email. These are only shown while you later go through the OAuth flow to authorize Home Assistant to access your account. Click Save and Continue. Omit unnecessary information (e.g. logo) to avoid additional review by Google.

5. On the Scopes step click Save and Continue.

6. On the Test Users step, you need to add your Google Account (e.g., your @gmail.com address) to the list. Click Save on your test account then Save and Continue to finish the consent flow.

7. Navigate back to the OAuth consent screen and click Publish App to set the Publishing status is In Production.

   

8. The warning says your app will be available to any user with a Google Account which refers to the fields you entered on the App Information screen if someone finds the URL. This does not expose your Google Account or Nest data.

9. Make sure the status is not Testing, or you will get logged out every 7 days.

By the end of this section you will have the OAuth Client ID and Client Secret needed for Application Credentials setup.

The steps below use Web Application Auth with My Home Assistant to handle Google’s strict URL validation rules like requiring SSL and a publicly resolvable redirect URL. Desktop Auth has been deprecated by Google to improve security, and it can no longer be used with Home Assistant.

1. Navigate to the Credentials page and click Create Credentials.

2. From the drop-down list select OAuth client ID.

3. Enter Web Application for the Application type.

4. Pick a name for your credential.

5. Add Authorized redirect URIs end enter https://my.home-assistant.io/redirect/oauth

6. Click Create to create the credential.

7. You should now be presented with an OAuth client created message.

   

8. You now have OAuth Client ID and OAuth Client Secret needed by Home Assistant. See Application Credentials for more general detail about how Home Assistant manages credentials.

Now that you have authentication configured, you will create a Nest Device Access Project which requires a US$5 fee. Once completed, you will have a Device Access Project ID.

1. Go to the Device Access Registration page. Click on the button Go to the Device Access Console.

2. Check the box to “Accept the Terms of Service” and click Continue to Payment where you need to pay a fee (currently US$5).

   It is currently not possible to share/be invited to a home with a G-Suite account. Make sure that you pay the fee with an account that has access to your devices.

3. Now the Device Access Console should be visible. Click on Create project.

4. Give your Device Access project a name and click Next.

5. Next you will be asked for an OAuth client ID which you created in the previous step and click Next.

6. Enable Events by clicking on Enable and Create project.

7. You now have a Device Access Project ID needed by Home Assistant.

In this section you will authorize Home Assistant to access your account by generating an Authentication Token.

See Troubleshooting below for steps to resolve the common misconfigurations that result in errors such as Can’t link… or Error 400 from Google.

Note that OAuth for Apps has been deprecated by Google and will break by October 2022.

1. In Home Assistant, you should already be going through the setup flow. If not, go back and click the My: Add Integration button above to start the setup. The integration will ask you for all of the necessary integration configuration.

2. Once all configuration information is entered in Home Assistant, a new tab opens, allowing you to choose a Google account. This should be the same developer account you configured above.

3. The Google Nest permissions screen will allow you to choose which devices to configure and lets you select devices from multiple homes. You likely want to enable everything, however, you can leave out any feature you do not wish to use with Home Assistant.

   

4. You will get redirected to another account selection page.

5. You may see a warning screen that says Google hasn’t verified this app since you just set up an un-verified developer workflow. Click Continue to proceed.

   

6. Then you will be asked to grant access to additional permissions. Click Allow.

7. Confirm you want to allow persistent access to Home Assistant.

8. You will now see a page hosted by My Home Assistant asking if you would like to Link account to Home Assistant? Click Link Account to continue.

9. If all went well, you are ready to go!

   

This is an example of what the nest_event payload looks like for a Device Trigger that you can use to power automations.

{
    "event_type": "nest_event",
    "data": {
        "device_id": "EXAMPLE_DEVICE_ID",
        "type": "doorbell_chime",
        "timestamp": "2022-01-26T04:56:54.031000+00:00",
        "nest_event_id": "EXAMPLE_EVENT_ID",
        "zones": ["Zone 1"],
    },
}

• device_id: The Home Assistant device identifier for the camera
• nest_event_id: is an opaque identifier that can be used with the Media Source Attachments described below for supported cameras.
• zones: Zones triggering the event if available. Zones are configured in the Google Home App, though not supported by all cameras. Events in the area outside of a named zone will be an empty zone name.

Example for cameras that support Clip Previews used with iOS which can render video in notifications.

service: notify.mobile_app_iphone
data:
  message: Doorbell Pressed
  title: Someone pressed the doorbell
  data:
    image: >-
      /api/nest/event_media/{{ trigger.event.data.device_id }}/{{ trigger.event.data.nest_event_id }}/thumbnail
    video: >-
      /api/nest/event_media/{{ trigger.event.data.device_id }}/{{ trigger.event.data.nest_event_id  }}
mode: single

Example for cameras that support Clip Previews, but transcoded to an animated gif (Android does not render video notifications).

service: notify.mobile_app_android
data:
  message: Doorbell Pressed
  title: Someone pressed the doorbell
  data:
    image: >-
      /api/nest/event_media/{{ trigger.event.data.device_id }}/{{ trigger.event.data.nest_event_id }}/thumbnail

Example for cameras that support Snapshot (jpg) on either Android or iOS.

service: notify.mobile_app
data:
  message: Doorbell Pressed
  title: Someone pressed the doorbell
  data:
    image: >-
      /api/nest/event_media/{{ trigger.event.data.device_id }}/{{ trigger.event.data.nest_event_id }}/thumbnail

1. Make sure to upgrade to the latest version of Home Assistant.

2. Go to Settings > Devices & Services.

3. The Nest integration should appear with alert.

   

4. Click Reconfigure.

   

If the Nest integration does not have an Alert then you probably used Web Auth and have nothing to do.

1. In the Home Assistant flow confirm your Google Cloud Project ID and proceed to the next step.
2. You will be prompted to enter new Application Credentials.
3. In another tab visit the Google Cloud Console
4. On the Credentials page click Create Credential.
5. From the drop-down list select OAuth client ID.
6. Enter Web Application for the Application type.
7. Pick a new name for your credential.
8. Add Authorized redirect URIs end enter https://my.home-assistant.io/redirect/oauth
9. Click Create to create the credential.
10. You now have OAuth Client ID and OAuth Client Secret needed by Home Assistant.
11. Back in Home Assistant, you should now be prompted to create Application Credentials where you will enter the Client ID and Client Secret.

1. Visit the Device Access Console
2. Select the Device Access Project used by Home Assistant
3. You need to then delete the old OAuth Client ID by clicking the Trash icon to unlink your Nest project from the deprecated Auth method.
4. Click the overflow menu ... then Add Client ID
5. Enter the new OAuth Client ID for Web App Auth credentials
6. Back in Home Assistant confirm your Device Access Project ID

• This should show the redirect URI https://my.home-assistant.io/redirect/oauth in the error message. If the error message has a different URL, then you are running an older version of Home Assistant need to upgrade or manually disabled My Home Assistant (see below).

  

• Go back to the API Console and select your OAuth 2.0 Client ID.

• Add the URL https://my.home-assistant.io/redirect/oauth to the list of Authorized redirect URIs and click Save and start the flow over.

  

Google applies strict Redirect URI validation rules to keep your login credentials secure. In practice, this means that you must access Home Assistant over SSL and a public top-level domain. See the documentation on Securing and note that you don’t actually need to enable remote access.

If you don’t have My Home Assistant on your installation, you can use <HOME_ASSISTANT_URL>/auth/external/callback as the redirect URI instead.

The <HOME_ASSISTANT_URL> must be the same as used during the configuration/ authentication process.

The OAuth Client ID used must be consistent, so check these:

• Google Cloud Console - See instructions above to create new Web Auth OAuth Credentials if needed

• Device Access Project - The OAuth Client ID for your Device Access Project must refer to the Web Auth OAuth Client ID in the Google Cloud Console

• Make sure you are using the same Google Account in the Device Access Console and Google Cloud Console e.g. double-check the photo and account name in the top right of the screen

• Application Credentials - Home Assistant needs to be configured with the same credentials. Delete any existing entries if they do not match, then either manually enter or re-enter as part of the setup.

  

• This most likely reason is the OAuth Consent Screen is set to Testing by default which expires the token after 7 days.
• Follow the steps above to set it to Production to resolve this and reauthorize your integration one more time to get a new token.
• You may also see this as the error message invalid_grant: Token has been expired or revoked.
• See Google Identity: Refresh token expiration for more reasons on why your token may have expired.

• Restart the Thermostat device. See How to restart or reset a Nest thermostat for more details.
• In the official Nest app or on https://home.nest.com: Move the Thermostat to a different or fake/temporary room.
• Reload the integration in Home Assistant: Navigate to Configuration then Devices & Services, click ... next to Nest and choose Reload.