Last week from my laptop at home, I asked Claude to check on the office. It pulled the state of every entity in our setup, changed light.office from purple to amber, and fetched live snapshots from 7 cameras. Another teammate, on a different machine, was running their own Claude session against the same NyxID at the same time. Neither of us pasted the HA long-lived access token (LLAT) into anything. Neither of us opened the office network to the internet.
All of that runs on a layer we built called NyxID. We started it because we kept pasting API keys into agent configs and worrying which one to revoke when something went wrong. After a few months of that, we realized once you have a layer that brokers credentials, you have a layer that brokers an AI agent's reach into the physical world. So that's what we use it for now: cameras, lights, thermostats, the office gateway, a Unitree Go2 we used to need a remote for, plus a Hermes agent doing the office snack run (more on that below).
Sharing what NyxID is, who it's for, what we actually run on it, and what's still broken.
Who this is for
If you self-host HA, have a few API keys and integrations to keep track of (Hue, Z-Wave, Tapo cams, smart lock, your homelab apps), and have started letting Claude / Cursor / Codex touch any of it — this post is probably for you. Especially if you've already wired up something like Cloudflare Tunnel or Tailscale to get to your HA from outside, and you're not totally happy with how your long-lived access token (LLAT) ends up pasted in .env files and across machines.
If your HA is purely local, no remote access, no AI in the loop, the gateway doesn't add much yet.
What sucks today
This is the pattern most self-hosters end up in:
- Remote access is a side-project. Cloudflare Tunnel + DDNS + a TLS cert + a custom domain, just to be able to glance at the dashboard from a coffee shop. Then you cross your fingers nothing on that exposed path gets scanned.
- The LLAT goes everywhere. Once you have a script or a workflow that calls HA, the bearer token ends up in .env, in a Codex config, in n8n credentials, in a Pi Zero somewhere. Rotating it means hunting all of them down.
- AI agents need the same key. Want Claude or Cursor to "check on the cameras"? You hand it the raw HA bearer. Now an LLM with prompt-injection surface has full HA blast radius.
- No per-agent revoke. All your agents share the same LLAT. Burn one, you burn all.
- Multi-credential is a mess. Hue API key here, Tapo cloud creds there, Pi-hole admin password somewhere else. Each one paste-key-into-.env, none of them scoped to a specific caller.
What NyxID does about it
NyxID is a self-hosted reverse proxy + credential broker. The short version:
- Your HA URL stays inside your network. NyxID's public entrypoint is the only thing exposed. A NyxID node agent runs on your hardware (Pi, NAS, whatever) and holds a persistent WebSocket back to the proxy. No port forwarding, no Cloudflare Tunnel, no DDNS.
- NyxID holds the HA LLAT server-side. You never paste it into an agent config. The agent gets a scoped NyxID access token instead. The token is yours, per-agent, revocable on its own. Burning Claude's token doesn't touch Cursor's.
- One open-source gateway, multiple credentials. Same proxy can broker Hue, Tapo cloud APIs, Grafana, Jenkins, whatever else you self-host. Each credential lives in a node you trust (your hardware or an org-managed one), encrypted at rest.
- Optional phone approval. For touchy operations (anything that actually changes state in your house), the gateway can require a push approval before the call goes through. You see what the agent wants to do on your phone, you tap approve / deny.
- REST → MCP wrapping. Any REST API you've already pointed NyxID at can be exposed as an MCP server, so MCP-aware clients (Claude Code, Cursor, your own) can call it natively.
You have the credentials, you have the network. You just want one token that gives scoped remote access without exposing the URL, plus the rest of the gateway features when you want them. (Full comparison with HA Cloud and Cloudflare Tunnel in the "How NyxID fits" section below.)
What we actually run on it now
We dogfood NyxID at our Singapore office. The setup:
- Cameras — 7 office cameras plus the Go2's onboard cam (all Frigate)
- Mikrotik router — gives us LAN presence / device tracking
- Hue bridge with 2 lights
- Aqara M1S hub — zigbee sensors via HomeKit Controller
- Unitree Go2 quadruped
- 2× ESP32 voice-presence cams (our own, MQTT)
- Apple Home bridge out — HA's HomeKit bridge plus per-room cam bridges, so the same setup is reachable from Apple Home for family / non-NyxID use
- The office gateway is where our NyxID node sits. That's how the team's Claude / Codex sessions reach into the internal network without us exposing it
- One Hermes agent watching the snack shelf (more on that in the next section)
Team members hop in from wherever they are: some from home, some from the office. Our ops lead bound the HA services to NyxID once, then added each of us as a team member of that NyxID account, so we each see those services through our own NyxID identity with our own per-user access token. Nobody has the raw HA LLAT.
Here's what I've actually done this past week from my Mac:
- Glance at the office from anywhere. "Claude, what's at the office right now?" → entity state summary in seconds. No HA Mobile app, no opening the dashboard. (Real run: 102 KB back, HTTP 200.)
- Look at a camera without opening a port. "Show me what reception looks like." → live JPEG, 1 HTTP GET, ~100 KB. The HA URL was never on my client.
- Change a device by name. "Make office light amber." → service call → light changed. Took 1 POST. Bonus: the Hue color gamut clamped my requested [255,200,0] to [255,199,48] on the return — that's how Hue maps non-prism colors. Not the proxy's fault, just real HA behavior surfacing through cleanly.
- Run a "looks normal?" sweep. Pull all cameras, compare watermarked timestamps against system UTC, flag anything weird.
Things the gateway also supports that I haven't personally driven yet:
- Let an agent draft your automations. With the proxy in place, Claude or Cursor can see your current entity / area / device structure directly, so you can ask for an automation YAML that fits your house instead of pasting state in and out by hand.
- Run multiple agents in parallel. Hand Claude one scoped token, Cursor another, your home worker a third. Revoke any one of them without touching the others.
- Phone-approve sensitive calls. Sensor triggers, automation actions, anything you don't want fully autonomous: the gateway can require a push approval on your phone before the call lands.
What we're wiring up next
A camera points at the snack shelf in our office pantry. A Hermes agent pulls snapshots from camera.pantry and camera.pantry_fridge through the NyxID HA proxy (same path the rest of the post describes), runs an inventory prompt over them, and does the front half end-to-end: identifies which snacks are low, finds the right products on a grocery site (fairprice, in our case), and drops them in the cart. Right before it places the order, it pings us on Lark with the cart contents. We hit OK and it completes the checkout end-to-end.
So the loop is closed — stock drops, agent finds product, fills cart, asks for one human ack, completes checkout. The only reason a human is still in the loop is that we like having a sanity check between agent-perceived inventory and a real card charge. That gate is a feature of how NyxID routes the request, not a missing piece of the agent.
Other things on the wiring list: more sensors across the office, and the Unitree Go2 — we're planning to wire it up through the gateway's SSH tunnel into the internal Go2 SDK (same scoped-token model as the HA proxy path) so Claude Code can drive it instead of the dedicated remote, plus picking up enough of a behavior library to actually be useful (right now it's "drive it for fun" — closing the loop between "Claude wants the Go2 to do X" and "the Go2 has a primitive for X" is the next piece).
What broke this week
One thing worth flagging before you wire it up: first-time setup isn't fully smooth yet. Our HA Add-on (ChronoAIProject/nyx-homeassistant-node) is live and we're patching install bugs this week (currently on 1.1.1-alpha.5 as of writing). If you hit something during install, open an issue on the Add-on repo and we'll dig in there. If you'd rather skip the rough edges entirely, DM me and I'll walk you through the connect step in 15-30 min. I'll update this thread when the install path is smooth.
How NyxID fits with the rest of your stack
If you're already running Cloudflare Tunnel / Tailscale / Authelia / mTLS for HA: NyxID handles the per-agent token layer, not the network exposure. It's a complementary piece, not a replacement.
This isn't trying to replace HA Cloud either. HA Cloud handles remote access and voice without you setting up your own tunnel. NyxID is for those of us who already roll our own remote access and just want one token that gives scoped agent reach without the LLAT making the rounds.
Apache-2.0, self-host or hosted. Repo: github.com/ChronoAIProject/NyxID.
Wrap-up
Happy to answer questions in this thread. Hosted side: nyx.chrono-ai.fun · invite code NYX-LFL4JWU2, no waitlist.
I'll keep this thread updated as we ship: WS auth fix, snack-shelf agent moving from one-tap-ack to full auto-checkout, new HA capabilities the proxy supports, whatever else comes up. If you want to be a design partner for the rough edges, DM me.
(Disclosure: I'm part of the team that builds NyxID. Sharing what we actually use internally and what broke along the way.)
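
The per-agent token model from "What NyxID does about it" (LLAT held server-side, scoped tokens, independent revoke, approval on state changes), as an added Python example that is not NyxID's code. The `Broker` class, the "METHOD path-glob" rule format and the approve-every-write policy are assumptions made for illustration; the paths follow Home Assistant's REST API.

```python
import fnmatch
import hashlib
import posixpath
import secrets


class Broker:
    """Toy broker: agents hold scoped tokens; only the broker holds the HA LLAT."""

    def __init__(self, upstream_llat):
        self._llat = upstream_llat
        self._grants = {}  # sha256(agent token) -> (agent, rules); raw tokens never stored

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, agent, rules):
        """Mint a per-agent token limited to 'METHOD path-glob' rules."""
        token = secrets.token_urlsafe(32)
        self._grants[self._digest(token)] = (agent, tuple(rules))
        return token

    def revoke(self, token):
        """Drop one agent's token; every other grant is untouched."""
        return self._grants.pop(self._digest(token), None) is not None

    def authorize(self, token, method, path):
        """Return upstream headers for an in-scope call, else raise PermissionError."""
        grant = self._grants.get(self._digest(token))
        if grant is None:
            raise PermissionError("unknown or revoked token")
        agent, rules = grant
        if posixpath.normpath(path) != path:
            raise PermissionError("non-canonical path")  # blocks ../ scope escapes
        request = f"{method.upper()} {path}"
        if not any(fnmatch.fnmatchcase(request, rule) for rule in rules):
            raise PermissionError(f"{agent}: {request} is outside its scope")
        return {
            "headers": {"Authorization": f"Bearer {self._llat}"},  # added server-side
            "needs_approval": method.upper() != "GET",  # assumed policy: gate writes
        }


if __name__ == "__main__":
    broker = Broker("constructed-llat-placeholder")  # constructed sample value
    claude = broker.issue("claude", ["GET /api/states", "GET /api/camera_proxy/camera.*"])
    print(broker.authorize(claude, "GET", "/api/camera_proxy/camera.reception"))
    print("revoked:", broker.revoke(claude))
```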