How Premise Bixby Works

The Premise Bixby capsule lets you control your Motorola Premise home automation server with natural voice commands. For example, you can say: “Ask Premise to turn off the third bedroom light.” The capsule securely forwards your command through AWS and Cloudflare to your Premise Server, then reads back the result.

This page explains the end-to-end flow so you can set up quickly and understand where your data lives.

What you need

• Your Premise Server running and reachable locally.
• A Cloudflare Tunnel hostname that routes to your Premise Server.
• Your Premise SpeechParser GUID.
• Cloudflare Access service token for the tunnel (Client ID and Client Secret).
• A Premise Systems account (created during web onboarding below).

Setup is two simple steps

1) Web onboarding

1. Go to premisesystems.org/bixby and sign in with your Premise Systems account.
2. Enter your Cloudflare Client ID, Client Secret, and Premise SpeechParser GUID. Optionally add Premise Basic Auth if your Premise site requires it.
3. Select Save and validate. We store your credentials securely in AWS Secrets Manager and store non-sensitive metadata in DynamoDB. Validation checks that we can reach your Premise through Cloudflare using these values.

2) Link inside Bixby

1. Open the Premise Bixby capsule. The first time you run it, Bixby prompts you to sign in using our Cognito Hosted UI.
2. After you sign in, Bixby receives a secure OAuth token. Bixby uses this token for future calls to our API. You do not re-enter your Cloudflare or Premise credentials in Bixby.
3. Once you’ve linked your account the first time, Bixby will remember your login until you sign out.

What happens when you speak a command

1. You say a phrase. The capsule normalizes the text to Premise format.
2. Bixby calls our API at AWS API Gateway with your OAuth token.
3. Our AWS Lambda function resolves your identity from the token, looks up your saved host, GUID, and secrets, and sends the command to your Premise through Cloudflare Tunnel.
4. Premise executes the command and returns a text response.
5. The AWS Lambda function returns the text to Bixby. Bixby shows and reads it to you.

Security model in plain terms

• Your Cloudflare tokens, GUID, and any optional Premise credentials are encrypted at rest in AWS Secrets Manager in our account.
• Our API requires a valid AWS Cognito JWT. Only requests with a valid token can read your stored configuration and send commands to your Premise.
• All traffic between Bixby, AWS, Cloudflare, and your Premise Server uses HTTPS.
• The capsule does not store your tokens or Premise GUID. Bixby only keeps the OAuth token that represents your login.

Troubleshooting

• Bixby says “I ran into a problem.” Make sure you completed web onboarding first. Then try signing out and linking again inside Bixby.
• Validation failed on the web page. Confirm your Cloudflare Client ID and Secret, and that your tunnel maps to your Premise endpoint. Try the URL in a browser to verify reachability.
• Commands execute but no speech comes back. Ensure your Premise SpeechParser GUID is correct and that the response text is not empty.

Contact

Questions or feedback? Contact [email protected].