A comment here also says this is the case: https://news.ycombinator.com/item?id=46544001

Looking over the API docs seems to confirm what the comment you referenced and the poster I linked here is saying. I'm seeing calls to virtually press buttons on the speaker, set the input source, to query the presets, and some zone-relayed calls, but nothing about actually playing audio from network sources.

For the call re: presets I see:

> Description: Presets are a core part of the SoundTouch ecosystem. A preset is used to set and recall a specific music stream supported by the SoundTouch speaker

There's a GET method that returns information about presets. Presumably you'd use a POST or PUT method to manage the presents. To that end, under POST, it says:

> POST: N/A

It looks like this API basically allows you to control it like an dumb speaker. That's not nothing, but it's not much either.

There doesn't seem to be anything in the API about controlling how the speak communicates with a back end service.

Edit:

Having some time to read over your [2] and the link to [0] it looks like getting root on the speaker w/ physical access is ridiculously easy. Booting the unit w/ a FAT32 USB drive attached with a file named "remote_services" in an otherwise empty root directory opens up an ssh server and the root user has no password.

The comments on [0] have some interesting tidbits in them, too.

These speakers look like they might be fun to play with and once Bose kills the back end people may unload them cheap.

[0] https://flarn2006.blogspot.com/2014/09/hacking-bose-soundtou...

Ah, that makes sense as well. Not sure why I fixated on what the speaker might call out to, and didn't think of what might want/need to control the speaker.