Sense iOS Widget - via Scriptable

Hi everyone - I’d like to present to the community a script I’ve written for the (free) iOS Scriptable app, that displays your Sense usage plot on your home screen!

You can configure the script to show your past hour, day, week, month, or year of usage, and I’ve tried to replicate both the light and dark mode styles of the Sense app.

You can find the installation and usage guide here:

And here are some screenshots:

While it’s not a fully “live” view like the plot in the Sense app, it does pull and plot actual Sense data via the unofficial API. The plot is updated at whatever interval iOS decides to update the widget. I only implemented a “medium” (2x1) widget size, but supporting other sizes would just need some rearranging and tweaking of element positioning.

One thing it’s missing is support for solar production - it should be totally doable, but as I don’t have solar myself I don’t know what exactly the API provides! I welcome any input from others here to get it implemented.

Hope people find it useful, and feel free to throw out suggestions and ideas (or any issues you find)!

this is great idea !!! I’m worried about logging information not sure if you can clarify how secure this is, but this is something sense should think about implementing…

1 Like

Thanks! Agree, we can hope the Sense devs have a first-party implementation in the works! And great question on the security aspects.

The script needs your login info to access the Sense API obviously, so unfortunately it does need to know them at least initially to grab the API authorization token. It then stores them in the iOS Keychain, which is a fairly secure place. You can inspect the code to see that the script itself doesn’t send them anywhere other than to Sense.

The question then might be your trust in the Scriptable app, in that you trust the (sole) developer isn’t scraping any info maliciously. Personally I doubt that’s happening, but it’s certainly up to each user to decide.

Other scripts in Scriptable might also be able to pull those values from the Keychain as well, if they were specifically crafted to do so. That is perhaps the largest risk, but it would only be a concern if you run other Scriptable scripts without reviewing them (which I totally get is a bit like saying “just read this simple ToS agreement real quick”).

As I was typing this response, I did realize there’s an approach to keep the username and password out of the script and Keychain altogether. The API requests really just need the token, so that alone could be stored. It would just require the user to run the script within the app the first time (or when the token refreshes) and supply the credentials in a pop up. I’ll look to implement this in the next day or two!

Just to give you an update - I’ve revised the script so now it prompts you for your login info, and doesn’t store it. See these lines of code, specifically.

It does still store the token in the iOS Keychain, and thus the risks to users are (1) Scriptable being untrustworthy, or (2) other scripts maliciously stealing Keychain info, and specifically targeting Sense users.