0.77: Authentication system 👮‍♂️ + Hangouts bot 🤖


Look at the dialog on post 205. It should be Settings -> Privacy & Security in English. I guess, the appropiate button is labeled “Exceptions …” and in the resulting dialog enter your Home Assistant’s access URL incl. http:// or https://, finally click on “Allow” to whitelist the URL.


Is this the wrong place for this post? Should I post this elsewhere?

Edited: Sorry, installation issues from the above post.


I cannot address your exact issue and it’s cause but I have seen many things resolved with the new release by clearing your cache in the web browser you are using to link and also doing a hard refresh on your browser when you attempt to login ( Control r ).


Yes, that did it Thank You very much!!!


The authentication is an absolute nightmare. My devices keep getting banned and I can’t even get to a login page. I finally got in on my computer after having to unban myself, but my phone just keeps getting banned. ARGH!!! This is so frustrating. I have cleared cookies/storage/history/blahblahblah…The logs just keep saying invalid authentication…why did I upgrade?


Do you use the google Authenticator?

Are you still using http: password?


I still have this configured


I assume you cleared your phone too?

I had to clear safari on my iphone.

Settings>>Safari>Clear History and Website Data

Now I don’t have any issues

I also downloaded Google Authenitcator from the app store. This allowed me to connect to the UI from the iOS app.

I hope this helps!


So the fix, EVERY time you clear the credentials in Home Assistant, is to clear all browsing history and local storage from ANY and every client machine you use to connect to it…

This is a pretty bad option, with the whole ‘wife acceptance factor’ thing. I had to clear ALL of her Chrome browser on her phone to get her logged back in, and I had to clear everything on my browser on my phone…as well as browsing history on my desktop, my laptop, my VM…someone needs to rethink this.


This has been resolved in release 0.78 beta. If the saved token became invalid for any reason, you will be redirect to login form.

On RPi 3 B+, HA is updated to v 0.77.2. HassOS updated to 1.10.

Nearly all is working well. Life is good. Thanks to all the devs!

I, too, have the issue of being unable to download a Snapshot file since being on Auth. The error generated is:
“You need to use a bearer token to access /api/hassio/snapshots/c6c160f5/download from”

Thanks again for everyone’s hard work. It is appreciated!

Same issue here. Did you resolve this?


I think it’s a known issue… not sure and can’t check 0.78 however you should still be able to copy it off if you have the SMB Samba add-on setup and configured.


good point. I’ll try the samba option.


Using the Samba route as an alternative is checked and fine for now.


Is there any way to set the user and password from the config files? I’m deploying with docker on a dynamic cluster with periodic redeployments. HA is more and more becoming unusable for me, as features require user interaction during setup and no matching config options are available. (first the chromecast integration and now user/password bootstrapping)

[This is a kind request to keep everything configurable from the config files]


You put a onhoarding file in .storage folder to bypass onboarding process, but you need find a way to generate .storage/auth file


clean install here, clean sd card. no configuration yet.
created an account on the first screen and trying to get in the


screen but my newly created account is invalid…


now what? I cant reach the system yet via SSH or Samba because I havent installed that yet…cant get back to the first ‘create user account’ page.

Clean install (no upgrade) Hassos won't let me in

I couldn’t help but notice the hassio-2. Is there another hassio on your LAN?


yes, I have installed this on a new Rpi3B+


Thanks again. Works as advertised with Trusted Networks for simple installation.

Would be a UI improvement: When Trusted Network is enabled, and the connection request comes from a matching IP, the Auth method should be chosen as Trusted Networks and a username should be pre-populated, requiring only a single click to log in (or choose a different auth method if desired).

As other have stated clearing “browsing data” does require a redo of the auth process.

This is me testing on 0.78.3 and replying in the .77 thread. Yes I know .79 is out - I’ll get to that.

Overall vote on auth system: Keep it, but make little tweaks like the one above. If the auth system lets me get things like custom views per user, it’s well worth it.