Help with Associations

I’m in the process of switching from Zooz to Inovelli but I’m having some issues. I bought two Red Series switches that I want to have setup as a 3-way switch using associations. They’re all wired up and working independently. However, the association wont work.

Here is the params for the switch with NO LOAD:

And with the load:

What am I doing wrong? I need to figure this out before I bite the bullet and buy a lot more switches

@EricM_Inovelli @Eric_Inovelli either of you guys have any thoughts?

Are they paired with the same security level?

1 Like

How did you setup the associations? I don’t see which hub you’re using to establish the association.

Winner! To the Inovelli team, maybe that’s worth mentioning on this article?


Agree entirely - I spent hours troubleshooting this very issue and @darthandroid got me sorted here: Issues with Associations and Hubitat

Would be good to add as a prereq in the docs!


Yeah. I won’t pretend to be a zwave expert, but it seems like for Hubitat anyway, sometimes the device doesn’t pair with security. And nothing in the UI tells you this so you don’t realize it until you look at the zwave details later.

1 Like

Yeah, ZWave’s security has some complexities, and Hubitat’s UI leaves much to be desired in some areas. A ZWave network is actually split into 5 sub-networks, each completely independent: Insecure, S0, S2 Unauthenticated, S2 Authenticated, and S2 Access Control. (I have a post about further details here: What am I losing/gaining by including dimmers with S2, S0 all turned off? - #11 by darthandroid ). Because the sub-networks are separate, for associations to work, the associated devices must have at least one security level in common.

When pairing a device in Hubitat:

  • If it’s insecure, Hubitat won’t prompt about security and just add as insecure.
  • If it’s S0-capable, Hubitat won’t prompt about security and just add as S0; You’ll read about people struggling to use insecure devices with S0 devices because you can’t force hubitat to pair an S0 device as insecure currently. (A workaround is to kill power to the S0 device during pairing, causing the security setup to fail and fall back to insecure)
  • If it’s S2-capable, Hubitat will display a prompt allowing you to select which security networks to which to add the device. If you select none of them, then Hubitat will pair it as insecure.

After a device has been paired, Hubitat will display the Z-Wave security settings in the Device Details’ Data section at the bottom of a device page. There are two fields of importance:

  • zwaveSecurePairingComplete: true - The device has successfully paired with security; Doesn’t exist on insecure devices
  • S2: <number> - Seems to be a bitfield of flags indicating which sub-networks the device was added with. 0x04 is S2 Access Control; 0x02 is S2 Authenticated; I’ve not tested other authentication types.

Yeah. If secure pairing fails for any reason, it’ll fall back to insecure and not tell you that it’s doing so. If you know you’re adding an S2 device, then the lack of a popup to select security levels will be a tip-off that it failed.


Awesome, this is terrific info. Thank you! Unfortunately, I feel like I need to dig in a bit more and learn more about zwave under the covers.

Glad you got it figured out. Security levels are mentioned in the KB article for using the association tool. The info could definitely be improved though. Thanks for the feedback.

How To: Use the Z-Wave Association Tool | Hubitat (

1 Like