API/URL to check valid authentication token

Loredo · December 11, 2018, 1:35pm

Hello everyone,

I was looking at the documentation to find some more information about how the authentication mechanism works.
To me it seems it is purely JavaScript based which is a little sad. I was hoping to find a URI somewhere which people can directly access after authenticating and where the authentication bearer will automatically be sent to. That URI should then respond with the respective HTTP code 2xx or 4xx.

The use case I have in mind to re-use existing authentication together with NGINX reverse proxy and it’s auth_request option for conditional forwarding to backend servers.

Can somebody say if such URI exists already somewhere in HASS or whether this might be considered for implementation as a feature request?

Many thanks,
Julian

maxandersen · December 11, 2018, 3:57pm

Cant verify atm but i believe /api/info wont respond without valid token.

lhoracek · December 27, 2020, 7:53pm

Any solution on this topic? I’m trying to run without supervised install and trying to add some more features as iframe panels that run on behind nginx proxy on sub-path. But I would like to reuse authentication from home assistant using exactly this subrequest nginx feature.

oeiber · January 11, 2021, 9:13am

I’m also interested in using nginx’s auth_request module for implementing internal webservices in has using iframe panels.
Is there a subpage which responds with http 200 if a user is authenticated or with 4xx if the user is unauthenticated?

thank you!