History, Log, Map, energy, is only for admins.
And for CAT casting is would be nice a password free acces account only to a lovelace webpage on local netwerk.
Agree. It may not matter from a security perspective but I like to clean up the GUI as much as possible for my wife, my kids, the baby sitter, family or guests staying here.
If it’s not relevant to users or if they don’t need it, they shouldn’t see it.
+1 on this. Want to set up an account for my kid but they dont need this level of access.
+1 on this. I have a motion sensor in the bathroom for the lights. I don’t want my wife to see how much time I spend on the porcelain throne.
+1
Current solutions aren’t safe and solid
+1 There’s no reason that my babysitter using the tablet, needs to be able to see where the wife and I are or any number of other things that aren’t explicitly set as available to that user.
Even if someone can make API calls etc. and that changing that would be hard to implement. Non-admins do not need to see these items on the side bar. Other sidebar items are currently able to be be shown or not to non-admins.
+1
I would really need this! Does someone already found a workaround on this?
Is there a possibility by modifying the default_config to hide those entries?
+1
need this too!!
+1 to this. I can’t fathom what sort of privacy HA is providing us if everybody who uses the system can check my GPS coordinates at any time.
For instance: I want to track my kids. I do not want my kids tracking me.
It seems there’s no way to do #1 without #2.
+1 for this. It would be great to have user-level access control for anything on the sidebar.
+1 for this.
+1 user roles should be implemented
+1 please, will be better
+1 need proper user management to be able to give home assistant guest user and dont worry about logbook and history and etc being exposed
+1
This is the only thing that stops me from creating an account for my relatives
+1
User management and basic security is a joke. After 5 years of having HA in a inactive container on my server, i activated it this month and see if it’s mature secure program. Some things a better. But the basic secure things like hashing password and user management are STILL not there after 9 years (in sept.) of programming…
I’m really surprised that it’s not possible to configure visibility of left panel items (map, history, records,…) like overview tabs. Some kind of users shouldn’t be allowed to see or event interact with record entries, because could be hidden from them in overview tabs. This is serious security issue.
Don’t confuse this request with security. This request is to make it more difficult for a casual user you trust to accidentally go poking in the wrong place and see what they aren’t supposed to.
If someone actually got access to your HA that you didn’t trust this change even if implemented would be meaningless. All the data that you can see in these tabs is accessible via the API. Hiding the tabs won’t stop an actual bad actor one bit, its security by obscurity.
That’s not to say this is a bad feature request by any means, I definitely voted for it. I just want to make sure its clear that even if implemented you absolutely should not give a login to someone you don’t really trust. It’s not really possible for an admin to enforce users can only see and do things they are supposed to in a zero-trust model. HA isn’t designed for that.
Finally created an account here, and for this! Whilst HA is amazing for what it achieves, the lack of even basic ‘security’ features astounds me. I have installed HA on my 13yo daughters phone so she can use some NFC tags I have. To make this feature work I have to install the apps which gives her access to tons more information than she has no need to see. WTF?
Bypassing the security conversation, this is important just for basic multi-user access features. The dashboard can be customized to hide tabs for different users. Why on earth can the sidebar not be customized? Do I really need my 13yo seeing where other family members are on a map? No. I also dont need her looking through logs.
This really should be a priority.
1+ for this also