Application Credentials - Support local oauth redirect endpoints

abigmoocow · November 17, 2022, 11:05pm

I’ve been running Google Nest home assistant integration for quite some time and recently decided to move the built in credential support. Unfortunately, I noticed that the following redirect URI needs to be specified for auth requests: https://my.home-assistant.io/redirect/oauth.

I am running home assistant core via container and am lucky enough to have my own domain name / static IP / TLS certs to not depend on Home Assistant cloud.

Ask: Can you please allow override of the oauth endpoint to enable redirection back to my local home assistant deployment? I don’t want to depend upon my.home-assistant for the redirect. With the previous integration, I simply specified https://mydomainname.com/auth/external/callback and it worked fantastic.

Thank you!

allenporter · November 23, 2022, 4:40pm

Hello. You need to disable my home assistant which will then let it use the url you use to access home assistant for the redirect (requiring public dns, tls, etc, which you have setup. I am adding this extra detailed explanation for the benefit of other users)

rcolline · November 5, 2023, 10:19pm

I ran into this and created (Enable override of redirect_uri in applications_credential. by rcolline · Pull Request #103473 · home-assistant/core · GitHub) to fix this issue. It lets you specify application_credentials.redirect_uri in the configuration.yaml to override the my.home-assistant.io behavior. I felt leaving ‘my’ was going to be a ton of work, so this felt more localized.

I am not sure this is the best way, but if you like it, maybe we can get something like this in.

allenporter · November 6, 2023, 1:16am

The supported way to do this is to disable my home assistant.

Generally, my assumption is there is no reason to really need to do this anyway unless the goal is to just not trust my home assistant. Technically it’s just for passing in the initial oauth token then never used.

So just disable my home assistant if you don’t want my home assistant or leave it. I don’t think it’s worth more configuration options.

rcolline · November 6, 2023, 2:26am

Thanks for the quick reply Allen! I looked at that solution you linked to and its more than just disabling ‘my’ its also disabling the use of default_config: which appears really useful. It seems that if one disables default_config i 1) One has to specify all the config included default_config and 2) One has to keep up to date with all updates and ensure my new config matches the defautls in default_config for all other entries than the redirect_url.

This seems like a baby with the bathwater situation to just change one thing. Its one thing to not use my, its another to not use default_config. Did I misread something?

I am also wondering how from looking at Default Config - Home Assistant I can figure out the current config. Thoughts?

colordrops · January 15, 2024, 10:28pm

How exactly does one disable “My Home Assistant”? I can’t find it in the UI and google turns up nothing.

rcolline · January 16, 2024, 10:38am

You need to remove default_config: then re-specify everything that default_config: contains except my home assistant (my:). You can see everything default_config: implies here: Default Config - Home Assistant

I hope this helps!
Ray