Customize header request with JWT token to access HA

Is possible to send JWT token with pre-configured header request in the iOS app?


CF-Access-Client-Id: <Client ID> CF-Access-Client-Secret: <Client Secret>

Usecase is I’m using the Cloudflare Access and I would like to use service token which will bypass any authorization required by Access. More here.

This is not currently possible. There is a feature request for it which you can vote on.

I have good news - after some tests it seems even session on cloudflare access will expire somehow Home Assistant app remember notification settings and notifications still works.

Anyone found a workaround for this ? Working ok with IOS (With Auth0 instead of Google)

Here is an open PR for the Android companion app, let’s give this a like so it gets merged ASAP!

Does anyone know how this is going? Is there any chance it may be merged?

You can do this in another way by using Cloudflare Warp Tunnel (which then assures the source proxy server so JWT then isn’t needed) - and use the following header to get the authed user email: username_header: cf-access-authenticated-user-email

Another option is to use HA Proxy to parse the JWT and insert the username into an X-Header as well and again use header auth for HA Proxy.

To get the app to work behind CF Access I bypassed /api however SSO still works fine.

There was a pull for the app to allow custom headers, but it was rejected: Allow custom headers to be added by sevimuelli · Pull Request #2596 · home-assistant/iOS · GitHub