New logon method

[povlhp]

Seems like my Kia Connect (Not KIA Uvo) is working slightly different to get a "ControlToken".
It gets a token by sending vehicle ID and PIN:

PUT https://prd.eu-ccapi.kia.com:8080/api/v1/user/pin HTTP/1.1
Host: prd.eu-ccapi.kia.com:8080
Authorization: Bearer ey...Wg
Accept: */*
ccsp-service-id: fdc85c00-0a2f-4c64-bcb4-2cfb1500730a
Accept-Language: en-GB;q=1.0
ccsp-application-id: a2...74
Accept-Encoding: br;q=1.0, gzip;q=0.9, deflate;q=0.8
Stamp: oY..cA=
offset: 1
Content-Length: 64
User-Agent: EU_BlueLink/2.1.3 (com.kia.connect.eu; build:269; iOS 15.3.0) Alamofire/5.4.3
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
ccsp-device-id: 35..0d
Cookie: TS012...dd=01...99

{"deviceId":"a0-VIN-10","pin":"9999"}

And I am getting a control token back:

HTTP/1.1 200 OK
Ccsp-Request-Id: fe6b64fd-9604-4a32-9286-d121326cd7f9
Ccsp-Span-Id: 5
Content-Length: 705
Content-Security-Policy: script-src https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline'; frame-src https://www.google.com/recaptcha/
Content-Type: application/json
Date: Mon, 07 Feb 2022 09:56:30 GMT
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Option: SAMEORIGIN
X-Ratelimit-Limit: 0
X-Ratelimit-Remaining: 0
X-Ratelimit-Reset: 0
X-Xss-Protection: 1; mode=block
Set-Cookie: TS012b00dd=01cb...99; Path=/; Domain=.prd.eu-ccapi.kia.com

{"controlToken":"ey.....sQ","expiresTime":600}

The control token is used as a Bearer token to all following requests. So not a full logon, but it is just using car ID and a 4 digit PIN code to get a control token. PIN is setup in app, but most users enable biometric logon (face/finger ID)

[fuatakgun]

thanks, how do you decrypt the traffic now? I need to setup the local env too.

[povlhp]

I am on iOS, Fiddler Classic. It just works when Fiddler cert installed. Using version from App Store
After accepting and installing it, go to setting, general and in the bottom there is a place where you can approve the installed certificate. So a long process.

[fuatakgun]

This is not working for Android anymore as they are pinning the exact certificate in the app. I will give a try probably with a emulator, thanks

[povlhp]

Pinning is good from a security perspective. But, I see it as a problem that they are trying to break compatibility with 3rd party apps - rather than just opening up. But at least we have a right to reverse engineering for compatibility purposes that overrules any agreement.
Guess I will have to try to write to Kia EU.

[fuatakgun]

can you share the app id?
ccsp-application-id: a2...74

[povlhp]

ccsp-application-id: a2b8469b-30a3-4361-8e13-6fceea8fbe74

[fuatakgun]

thanks, working with bluelinky team to fix this.

[povlhp]

There is also registration for notification:

POST https://prd.eu-ccapi.kia.com:8080/api/v1/spa/notifications/register HTTP/1.1
Host: prd.eu-ccapi.kia.com:8080
Accept: */*
ccsp-service-id: fdc85c00-0a2f-4c64-bcb4-2cfb1500730a
If-None-Match: W/"8c-T4UhK4JDv4woXXrwQaBeXQoBiGM"
ccsp-application-id: a2b8469b-30a3-4361-8e13-6fceea8fbe74
Accept-Language: en-GB;q=1.0
Stamp: oYa3/zyroR0vT6ZgagTzPJcFq9FRkgRPjU5ih3eFC/Og5gc/7ggPhHnIRMXB1ME=
offset: 1
User-Agent: EU_BlueLink/2.1.3 (com.kia.connect.eu; build:269; iOS 15.3.0) Alamofire/5.4.3
Accept-Encoding: br;q=1.0, gzip;q=0.9, deflate;q=0.8
Content-Length: 148
Connection: keep-alive
Content-Type: application/json; charset=UTF-8

{"pushType":"APNS","uuid":"1a..06b","pushRegId":"71f...58b"}

The cookie it gets there is used in next calls:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 07 Feb 2022 11:23:20 GMT
Etag: W/"8c-Iw9nnQSE//DiKGgqHWcascEgTV4"
X-Ratelimit-Limit: 0
X-Ratelimit-Remaining: 0
X-Ratelimit-Reset: 0
Content-Length: 140
Set-Cookie: TS012b00dd=01...1b; Path=/; Domain=.prd.eu-ccapi.kia.com

{"retCode":"S","resCode":"0000","resMsg":{"deviceId":"35...0d"},"msgId":"3f...8f"}

[fuatakgun]

it is clear thanks, you see the stamp below, it has to be generated regularly as they are not sticky. there is an external repository taking care of this and I am consuming generated json file here. working with them.
Stamp: oYa3/zyroR0vT6ZgagTzPJcFq9FRkgRPjU5ih3eFC/Og5gc/7ggPhHnIRMXB1ME=

[povlhp]

POST https://prd.eu-ccapi.kia.com:8080/api/v1/spa/devices/version HTTP/1.1
Host: prd.eu-ccapi.kia.com:8080
Accept: */*
ccsp-service-id: fdc85c00-0a2f-4c64-bcb4-2cfb1500730a
Accept-Language: en-GB;q=1.0
ccsp-application-id: a2b8469b-30a3-4361-8e13-6fceea8fbe74
Accept-Encoding: br;q=1.0, gzip;q=0.9, deflate;q=0.8
Stamp: oYa3/zyroR0vT6ZgagTzPJcFq9FRkgRPjU5ih3eFC/Og5gc/7ggPhHnIRMXB1MA=
offset: 1
User-Agent: EU_BlueLink/2.1.3 (com.kia.connect.eu; build:269; iOS 15.3.0) Alamofire/5.4.3
Content-Length: 125
If-None-Match: W/"9c-zhlx7DdOwL+VsmTYep6dTBbH+vw"
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
ccsp-device-id: 350d
Cookie: TS012b00dd=0...1b

{"osVer":"15.3","phoneType":"iPhone11,8","buildVer":"2.1.3","teleType":"ETC","appVer":"2.1.3","osType":"iOS","appType":"UVO"}

[povlhp]

And V2 close door:

POST https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/a0...910/control/door HTTP/1.1
Host: prd.eu-ccapi.kia.com:8080
Authorization: Bearer ey..._zLTg
Accept: */*
ccsp-service-id: fdc85c00-0a2f-4c64-bcb4-2cfb1500730a
Accept-Language: en-GB;q=1.0
ccsp-application-id: a2b8469b-30a3-4361-8e13-6fceea8fbe74
Accept-Encoding: br;q=1.0, gzip;q=0.9, deflate;q=0.8
Stamp: oYa3/zyroR0vT6ZgagTzPJcFq9FRkgRPjU5ih3eFC/Og5gc/7ggPhHnIRMXB1sU=
offset: 1
Content-Length: 68
User-Agent: EU_BlueLink/2.1.3 (com.kia.connect.eu; build:269; iOS 15.3.0) Alamofire/5.4.3
If-None-Match: W/"4f-jLKY2U8+Z5dYtsGROOjYiE3irY0"
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
ccsp-device-id: 35...0d
Cookie: TS012b00dd=01...1b

{"action":"close","deviceId":"35...0d"}

[povlhp]

ANd a V2 call for getting status:

GET https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/a0...10/status HTTP/1.1
Host: prd.eu-ccapi.kia.com:8080
Accept: */*
Authorization: Bearer ey...Tg
ccsp-service-id: fdc85c00-0a2f-4c64-bcb4-2cfb1500730a
Accept-Language: en-GB;q=1.0
ccsp-application-id: a2b8469b-30a3-4361-8e13-6fceea8fbe74
Accept-Encoding: br;q=1.0, gzip;q=0.9, deflate;q=0.8
Stamp: oYa3/zyroR0vT6ZgagTzPJcFq9FRkgRPjU5ih3eFC/Og5gc/7ggPhHnIRMXF0MU=
offset: 1
User-Agent: EU_BlueLink/2.1.3 (com.kia.connect.eu; build:269; iOS 15.3.0) Alamofire/5.4.3
If-None-Match: W/"b62-jJZ75E3QDC8rwxuyfpktw+8KW8k"
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
ccsp-device-id: 35...0d
Cookie: TS012b00dd=01..46

Response - the b62 before the json is there:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 07 Feb 2022 11:31:00 GMT
Etag: W/"b62-MNHjVWauU5aH7GA7IlX6cZBh9fQ"
X-Ratelimit-Limit: 100
X-Ratelimit-Remaining: 93
X-Ratelimit-Reset: 1644233498
Set-Cookie: TS012b00dd=01cba...46; Path=/; Domain=.prd.eu-ccapi.kia.com
Transfer-Encoding: chunked

b62
{"retCode":"S","resCode":"0000","resMsg":{"airCtrlOn":false,"engine":false,"doorLock":true,"doorOpen":{"frontLeft":0,"frontRight":0,"backLeft":0,"backRight":0},"trunkOpen":false,"airTemp":{"value":"02H","unit":0,"hvacTempType":1},"defrost":false,"acc":false,"evStatus":{"batteryCharge":false,"batteryStatus":81,"batteryPlugin":0,"remainTime2":{"etc1":{"value":38,"unit":1},"etc2":{"value":400,"unit":1},"etc3":{"value":115,"unit":1},"atc":{"value":61,"unit":1}},"drvDistance":[{"rangeByFuel":{"evModeRange":{"value":368,"unit":1},"totalAvailableRange":{"value":368,"unit":1}},"type":2}],"reservChargeInfos":{"reservChargeInfo":{"reservChargeInfoDetail":{"reservInfo":{"day":[9],"time":{"time":"1200","timeSection":0}},"reservChargeSet":false,"reservFatcSet":{"defrost":false,"airTemp":{"value":"00H","unit":0,"hvacTempType":1},"airCtrl":0,"heating1":0}}},"offpeakPowerInfo":{"offPeakPowerTime1":{"starttime":{"time":"1200","timeSection":0},"endtime":{"time":"1200","timeSection":0}},"offPeakPowerFlag":0},"reserveChargeInfo2":{"reservChargeInfoDetail":{"reservInfo":{"day":[9],"time":{"time":"1200","timeSection":0}},"reservChargeSet":false,"reservFatcSet":{"defrost":false,"airTemp":{"value":"00H","unit":0,"hvacTempType":1},"airCtrl":0,"heating1":0}}},"reservFlag":0,"ect":{"start":{"day":0,"time":{"time":"0000","timeSection":0}},"end":{"day":0,"time":{"time":"0000","timeSection":0}}},"targetSOClist":[{"targetSOClevel":100,"dte":{"rangeByFuel":{"evModeRange":{"value":464,"unit":1},"totalAvailableRange":{"value":464,"unit":1}},"type":2},"plugType":0},{"targetSOClevel":100,"dte":{"rangeByFuel":{"evModeRange":{"value":464,"unit":1},"totalAvailableRange":{"value":464,"unit":1}},"type":2},"plugType":1}]},"chargePortDoorOpenStatus":2,"batteryPreconditioning":false},"ign3":false,"hoodOpen":false,"transCond":false,"steerWheelHeat":0,"sideBackWindowHeat":0,"tirePressureLamp":{"tirePressureLampAll":0,"tirePressureLampFL":0,"tirePressureLampFR":0,"tirePressureLampRL":0,"tirePressureLampRR":0},"battery":{"batState":1,"sjbDeliveryMode":0,"batSignalReferenceValue":{"batWarning":0},"powerAutoCutMode":2},"lampWireStatus":{"stopLamp":{"stopLampStatus":false,"leftLamp":false,"rightLamp":false},"headLamp":{"headLampStatus":false,"leftLowLamp":false,"rightLowLamp":false,"leftHighLamp":false,"rightHighLamp":false,"leftBifuncLamp":false,"rightBifuncLamp":false},"turnSignalLamp":{"turnSignalLampStatus":false,"leftFrontLamp":false,"rightFrontLamp":false,"leftRearLamp":false,"rightRearLamp":false}},"windowOpen":{"frontLeft":0,"frontRight":0,"backLeft":0,"backRight":0},"smartKeyBatteryWarning":false,"washerFluidStatus":false,"breakOilStatus":false,"sleepModeCheck":false,"time":"20220207123100","remoteWaitingTimeAlert":{"remoteControlAvailable":1,"remoteControlWaitingTime":168,"elapsedTime":"03:42:24"},"systemCutOffAlert":0,"tailLampStatus":0,"hazardStatus":0},"msgId":"26...e9"}
0

[fuatakgun]

Pinning is good from a security perspective. But, I see it as a problem that they are trying to break compatibility with 3rd party apps - rather than just opening up. But at least we have a right to reverse engineering for compatibility purposes that overrules any agreement. Guess I will have to try to write to Kia EU.

Earlier they have warned users of these endpoints via email and threaten to shutdown their UVO accounts as this was against their user agreement. I am avoiding to contact with them on purpose :)

[povlhp]

They don't know European copyright law. We have a right by law that we can not give up, that gives us the right to full reverse engineering, including getting outside help to do so, to obtain compatibility, Rest of the world is different. But EU legislation, at least as implemented in Denmark is VERY clear. And lawyers says End-User-Agreements are most likely not legally binding. There should be a proportional gain by accepting it, and nobody should be forced to do so. They can't arm-wrestle consumers.
So I am not afraid - They just have to provide an official API to stop the reverse engineering.
It is trivial to develop a consumer facing API with their current back-end.

[fuatakgun]

Good to know, any links you can share on this topic regarding to legislation?

[povlhp]

JuraWiki has this (danish language)
https://jurawiki.dk/filer/4/4a/4_-_Beskyttelsen_af_EDB-programmer.pdf
You can decompile with the purpose of finding APIs for interoprability with other programs (paragraph 37)

Legal text:
§ 37. Eksemplarfremstilling af et edb-programs kode og oversættelse af kodens form er tilladt, når dette er en forudsætning for at skaffe de oplysninger, der er nødvendige for at tilvejebringe interoperabilitet mellem et selvstændigt udviklet edb-program og andre edb-programme

Translated:
§ 37. Reproduction of a code of a computer program and reverse-engineering of the form of the code is permitted when this is a prerequisite for obtaining the information necessary to provide interoperability between a independently developed computer program and other computer programs

and:
66 / 5,000
Translation results
PCS. 3. The provisions of para. 1 and 2 can not be deviated from by agreement.

It requires that the necesary information is not quickly and easily available. So it can be avoided if they publish the API.

In theory it could mean that trying to keep the API secret and changing keys is a way to circumvent the users rights according to §37. But this has not been validated by a lawyer or court. Would be interesting to have a judgement declaring that invalid.

[povlhp]

See EU software directive, Article 6:
https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex:32009L0024

1. The authorisation of the rightholder shall not be required where reproduction of the code and translation of its form within the meaning of points (a) and (b) of Article 4(1) are indispensable to obtain the information necessary to achieve the interoperability of an independently created computer program with other programs, provided that the following conditions are met:
   ....

So basically, with Kia withholding an API (1b of the article), we have the full right to reverse engineer to make compatible software. And if the do certificate pinning, changing keys etc for the purpose of making it difficult to excercise our article 7 rights, they might actually commit an illegal act in most EU countries.

I think that we have the upper hand here. We just need somebody to run a case in some EU country. I am not a lawyer, but I am known to be a good challenge for lawyers - as I have not learned to read things a special way but are open for alternative interpretations.

[fuatakgun]

@povlhp , can you share location call please "vehicles/" + token.vehicle_id + "/location"

ping @cdnninja

[povlhp]

My app and EV6 just uses v1 call:
The account part of the cookie comes from

https://prd.eu-ccapi.kia.com:8080/api/v1/user/oauth2/authorize?response_type=code&client_id=fd...730a&redirect_uri=https://prd.eu-ccapi.kia.com:8080/api/v1/user/oauth2/redirect&lang=en 

I get a 302, but at the same time it sets the account cookie and redirects to https://prd.eu-ccapi.kia.com:8080/web/v1/user/authorize?lang=en&cache=reset"

Here are the location, but it has a "park" path in the end

GET https://prd.eu-ccapi.kia.com:8080/api/v1/spa/vehicles/a0-VID-10/location/park HTTP/1.1
Host: prd.eu-ccapi.kia.com:8080
Accept: */*
Authorization: Bearer ey...0a
Accept-Language: en-GB;q=1.0
ccsp-application-id: a2b8469b-30a3-4361-8e13-6fceea8fbe74
Accept-Encoding: br;q=1.0, gzip;q=0.9, deflate;q=0.8
Stamp: oYa3/zyroR0vT6ZgagTzPJcFq9FRkgRPjU5ih3eFC/Og5gc/7ggPhHnIQ8DC3cM=
offset: 1
User-Agent: EU_BlueLink/2.1.3 (com.kia.connect.eu; build:269; iOS 15.3.0) Alamofire/5.4.3
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
ccsp-device-id: 3a...61
Cookie: TS012b00dd=01c..2e; account=NG...k5.36...f9

Response

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 07 Feb 2022 15:06:32 GMT
Etag: W/"150-AxkV/yd8DVmtNYyNpu7QdjcUgXk"
X-Ratelimit-Limit: 100
X-Ratelimit-Remaining: 90
X-Ratelimit-Reset: 1644246442
Content-Length: 336
Set-Cookie: TS012b00dd=01...2e; Path=/; Domain=.prd.eu-ccapi.kia.com

{"retCode":"S","resCode":"0000","resMsg":{"gpsDetail":{"coord":{"lat":56.00000,"lon":10.00000,"alt":0,"type":0},"head":178,"speed":{"value":0,"unit":0},"accuracy":{"hdop":0,"pdop":0},"time":"20220207123058"},"drvDistance":{"rangeByFuel":{"evModeRange":{"value":368,"unit":1}},"type":2}},"msgId":"18...83"}

[povlhp]

This one contains position as well:
GET https://prd.eu-ccapi.kia.com:8080/api/v1/spa/vehicles/VID/status/latest HTTP/1.1

And I see lots of
GET https://prd.eu-ccapi.kia.com:8080/api/v1/spa/notifications/a049cc46-14e3-4c1e-b875-f4ecd7259910/count/new HTTP/1.1
with response
{"retCode":"S","resCode":"0000","resMsg":{"remoteHistory":1,"message":0},"msgId":"15...4"}

followed by
GET https://prd.eu-ccapi.kia.com:8080/api/v1/spa/vehicles/a0vid10/status/latest HTTP/1.1
and response being the full status set.

And when count/new returned 2 I do this call:
GET https://prd.eu-ccapi.kia.com:8080/api/v1/spa/notifications/a04vid10/records HTTP/1.1
and gets a list of status messages back:

{"retCode":"S","resCode":"0000","resMsg":[{"deviceId":"3a...61","vehicleId":"a0vid10","recordId":"37...46","confirmedYn":false,"action":"uvo://control/portdoor/close","result":null,"record":null,"createdAt":"2022-02-07 16:07:10.491","updatedAt":"2022-02-07 16:07:10.491"},{"deviceId":"3a...61","vehicleId":"a0vid10","recordId":"89...dc","confirmedYn":false,"action":"uvo://control/portdoor/open","result":"success","record":"[Success] Charging door opened.","createdAt":"2022-02-07 16:06:54.570","updatedAt":"2022-02-07 16:07:00.041"}],"msgId":"d9...b3"}

And confirming receipt of messages:
PUT https://prd.eu-ccapi.kia.com:8080/api/v1/spa/notifications/records/37...id from above...46 HTTP/1.1
BODY: {"confirmedYn":true}
Reply: {"retCode":"S","resCode":"0000","msgId":"55...59"}

[povlhp]

ANd a V2 to control temperature:
POST https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/a0vid10/control/temperature HTTP/1.1
BODY
{"tempCode":"14H","action":"start","deviceId":"3a...e61","unit":"C","options":{"defrost":false,"frontWindowHeating":0,"heating1":0},"hvacType":1}

[fuatakgun]

Thanks a lot, are you able to use this integration which mostly relies on v1 api endpoints? I see from the examples you have shared, it is a mix of v1 and v2 for you.

[povlhp]

I have a call to:
GET https://prd.eu-ccapi.kia.com:8080/api/v1/cpw/poi/a0..10 HTTP/1.1
Which returns gzip'ed content. Json, and one variable is setupfile which is base64 encoded json - which contains my favorite list from NAV

[povlhp]

Sending a destination to the car:
POST https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/a0vid10/location/routes HTTP/1.1
BODY:
{"poiInfoList":[{"phone":"","waypointID":0,"lang":1,"coord":{"lat":56.121971130371094,"alt":0,"lon":10.169329643249512,"type":0},"src":"HERE","addr":"Christian X's Vej 112 8260 Aarhus","zip":"","placeid":"","name":"LIDL"}],"deviceId":"3a..61"}

Would be fantastic if we could push a family member location as destination. Go pick up wife....

Search does not work over proxy. Either pinning or some other issue. Gets lots of tunnel to places.hybrid.cc.api.here.com:443 - Can see my computer connected over VPN, that might be the reason

[povlhp]

Everything V1 seems to work. At least reading data.
Did not test much control, but Climate works. I have a button on my watch in HA to preheat the car.

[fuatakgun]

what about DTC values? like engine, airbag etc statuses? related issue: #269

[povlhp]

More calls to implement.
Seems like all v2 calls requires a deviceID, likely because it uses the the user/pin to get the 10 minute control token.

Set charge limit in percent - Retrieve is get with no parameters
POST https://prd.eu-ccapi.kia.com:8080/api/v1/spa/vehicles/VID/charge/target HTTP/1.1 {"targetSOClist":[{"targetSOClevel":90,"plugType":0},{"targetSOClevel":90,"plugType":1}]}

Start/Stop charge:
POST https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/VID/control/charge HTTP/1.1 {"action":"start","deviceId":"3a..61"} {"action":"stop","deviceId":"3a..61"}

Request scheduled charging info:
GET https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/VID/reservation/charge HTTP/1.1

Set scheduled charging
POST https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/VID/reservation/charge HTTP/1.1
{"deviceId":"3a...61","reservFlag":1,"offPeakPowerInfo":{"offPeakPowerFlag":2,"offPeakPowerTime1":{"endtime":{"timeSection":0,"time":"0500"},"starttime":{"timeSection":0,"time":"0200"}}},"reservChargeInfo2":{"reservChargeSet":true,"reservFatcSet":{"airCtrl":0,"airTemp":{"value":"14H","hvacTempType":1,"unit":0},"heating1":0,"defrost":false},"reservInfo":{"day":[5],"time":{"timeSection":0,"time":"0610"}}},"reservChargeInfo":{"reservChargeSet":true,"reservFatcSet":{"airCtrl":0,"airTemp":{"value":"14H","hvacTempType":1,"unit":0},"heating1":0,"defrost":false},"reservInfo":{"day":[4],"time":{"timeSection":0,"time":"0600"}}}}

Historic trip info - different queries

POST https://prd.eu-ccapi.kia.com:8080/api/v1/spa/vehicles/VID/tripinfo HTTP/1.1
{"setTripMonth":"202202","tripPeriodType":0}
{"setTripDay":"20220208","tripPeriodType":1}
{"tripPeriodType":0,"setTripMonth":"202202"}
{"tripPeriodType":1,"setTripDay":"20220209"}

Driving statistics:
POST https://prd.eu-ccapi.kia.com:8080/api/v1/spa/vehicles/VID/drvhistory HTTP/1.1
{"periodTarget":0}

Door lock/unlock v2 calls:
POST https://prd.eu-ccapi.kia.com:8080/api/v2/spa/vehicles/VID/control/door HTTP/1.1
{"action":"close","deviceId":"3a...61"}
{"action":"open","deviceId":"3a...61"}

[povlhp]

I can't find airbag status anywhere. status/latest is the most info I get

{"retCode":"S","resCode":"0000","resMsg":{"vehicleStatusInfo":{"vehicleLocation":{"coord":{"lat":56.000,"lon":10.00000,"alt":0,"type":0},"head":178,"speed":{"value":0,"unit":0},"accuracy":{"hdop":0,"pdop":0},"time":"20220209075147"},"vehicleStatus":{"airCtrlOn":false,"engine":false,"doorLock":false,"doorOpen":{"frontLeft":0,"frontRight":0,"backLeft":0,"backRight":0},"trunkOpen":false,"airTemp":{"value":"02H","unit":0,"hvacTempType":1},"defrost":false,"acc":false,"evStatus":{"batteryCharge":false,"batteryStatus":63,"batteryPlugin":0,"remainTime2":{"etc1":{"value":41,"unit":1},"etc2":{"value":730,"unit":1},"etc3":{"value":175,"unit":1},"atc":{"value":61,"unit":1}},"drvDistance":[{"rangeByFuel":{"evModeRange":{"value":280,"unit":1},"totalAvailableRange":{"value":280,"unit":1}},"type":2}],"reservChargeInfos":{"reservChargeInfo":{"reservChargeInfoDetail":{"reservInfo":{"day":[9],"time":{"time":"1200","timeSection":0}},"reservChargeSet":false,"reservFatcSet":{"defrost":false,"airTemp":{"value":"00H","unit":0},"airCtrl":0,"heating1":0}}},"offpeakPowerInfo":{"offPeakPowerTime1":{"starttime":{"time":"1200","timeSection":0},"endtime":{"time":"1200","timeSection":0}},"offPeakPowerFlag":0},"reserveChargeInfo2":{"reservChargeInfoDetail":{"reservInfo":{"day":[9],"time":{"time":"1200","timeSection":0}},"reservChargeSet":false,"reservFatcSet":{"defrost":false,"airTemp":{"value":"00H","unit":0},"airCtrl":0,"heating1":0}}},"reservFlag":0,"ect":{"start":{"day":0,"time":{"time":"0000","timeSection":0}},"end":{"day":0,"time":{"time":"0000","timeSection":0}}},"targetSOClist":[{"targetSOClevel":100,"dte":{"rangeByFuel":{"evModeRange":{"value":461,"unit":1},"totalAvailableRange":{"value":461,"unit":1}},"type":2},"plugType":1},{"targetSOClevel":100,"dte":{"rangeByFuel":{"evModeRange":{"value":461,"unit":1},"totalAvailableRange":{"value":461,"unit":1}},"type":2},"plugType":0}]},"chargePortDoorOpenStatus":2,"batteryPreconditioning":false},"ign3":false,"hoodOpen":false,"transCond":true,"steerWheelHeat":0,"sideBackWindowHeat":0,"tirePressureLamp":{"tirePressureLampAll":0,"tirePressureLampFL":0,"tirePressureLampFR":0,"tirePressureLampRL":0,"tirePressureLampRR":0},"battery":{"batSoc":87,"batState":0,"sjbDeliveryMode":0,"batSignalReferenceValue":{"batWarning":65},"powerAutoCutMode":2},"lampWireStatus":{"stopLamp":{"stopLampStatus":false,"leftLamp":false,"rightLamp":false},"headLamp":{"headLampStatus":false,"leftLowLamp":false,"rightLowLamp":false,"leftHighLamp":false,"rightHighLamp":false,"leftBifuncLamp":false,"rightBifuncLamp":false},"turnSignalLamp":{"turnSignalLampStatus":false,"leftFrontLamp":false,"rightFrontLamp":false,"leftRearLamp":false,"rightRearLamp":false}},"windowOpen":{"frontLeft":0,"frontRight":0,"backLeft":0,"backRight":0},"smartKeyBatteryWarning":false,"washerFluidStatus":false,"breakOilStatus":false,"sleepModeCheck":true,"time":"20220209075148","remoteWaitingTimeAlert":{"remoteControlAvailable":1,"remoteControlWaitingTime":168,"elapsedTime":"00:03:19"},"systemCutOffAlert":0,"tailLampStatus":0,"hazardStatus":0},"odometer":{"value":758.1,"unit":1}}},"msgId":"cc5480ac-897b-4b9d-b65d-6e2cd99c5fd3"}