Hi Guys
I had simple api call who was working until latest upgrade, like that “http://myhassip:8123/api/states/sensor.xxxxxx”
Since update I created user, add entry in my configuration.yaml
“http:
api_password: yyyy”
when I try “http://myhassip:8123/?api_password=yyyy/states/sensor.xxxxxx” he ask me for user password and never give json answers…
So can’i get ride off asking user password, my Hass is only on my local network or how get my call working again
The api call is wrong, that’s why you don’t get answers.
?api_password=YOUR_PASSWORD should be at the end of the call.
1 Like
Interesting 
, could you give example, I tried with:
“http://myhassip:8123/api/states/sensor.xxxxxx?api_password=yyyy”
“http://myhassip:8123/api/states/sensor.xxxxxx/?api_password=yyyy”
When I do “http://myhassip:8123/api/states?api_password=yyyy” I got “401: Unauthorized”
On .77 that shouldn’t be necessary anymore I think. I don’t have it and my api calls work fine.
First and last examples should be correct. There’s info in the docs under API
Hey Guys
tks for your help, got it working after fresh config…yaml and
homeassistant:
auth_providers:
- type: legacy_api_password
http:
api_password: yyyy
then “http://myhassip:8123/api/states?api_password=yyyy” list all my stuff
1 Like
No need add auth_providers: section, legacy_api_password auth provider will auto-configured since you have http.api_password configured.
1 Like
Could I ask I question to help me understand a little better?
I’m away on holidays so I can’t test this for myself until I get home.
I never had the legacy_api_password part setup (only been using HA for a few months) & I’ve aways has my api calls setout like: https://my_home_assistant.duckdns.org:8123/api/services/script/1234563678910?api_password=my_password
The my_password was the same as the password in the http section of my configuration.yaml.
Now we are on 77.2 - does this mean I could have one password for the api calls & another for logging into the front end of HA?
Many thanks
No, you still have only one api_password, eventually we will sunset it, replace with long-lived access token. After that, you can create multiple long-lived access token for different API call.
Many thanks for clearing that up for me 
I was hoping someone might be able to assist me with this.
When I remove the api_passowrd from the http: section of my config.yaml file & try to fire an api call, I get an error of:
Login attempt or request with invalid authentication from xx.xx.xx.xx
I’ve had a sniff around the forum to see if I can find a solution, I have seen a post from @awarecan that mentioned custom components could have an adverse effect, so I’ve commented that out and I still get the same error.
Would anybody be able to give me some guidance?
After updating to 77.3, my API service calls are broken.
For example, I used to be able to trigger script “TEST” by issuing a POST command to:
https://HASS.duckdns.org:8123/api/services/script/TEST?api_password=XXX
However, this is broken. If I try to access from my browser, I get an error of “405: Method Not Allowed.” My api_password component is properly configured and unchanged.
I see get these errors in my log:
Error doing job: SSL error errno:1 reason: HTTP_REQUEST
Traceback (most recent call last):
File “uvloop/sslproto.pyx”, line 504, in uvloop.loop.SSLProtocol.data_received
File “uvloop/sslproto.pyx”, line 204, in uvloop.loop._SSLPipe.feed_ssldata
File “uvloop/sslproto.pyx”, line 171, in uvloop.loop._SSLPipe.feed_ssldata
File “/usr/local/lib/python3.6/ssl.py”, line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:841)
Error doing job: SSL handshake failed
Traceback (most recent call last):
File “uvloop/handles/stream.pyx”, line 609, in uvloop.loop.UVStream._on_eof
File “uvloop/sslproto.pyx”, line 171, in uvloop.loop._SSLPipe.feed_ssldata
File “/usr/local/lib/python3.6/ssl.py”, line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:841)
Any ideas on how to fix this?