File Configurator 401 unauthorized error

Several days ago my system crashed due to a bad SD card. (Running on RPi4)
Unfortunately when I attempted to recover from a recent snapshot I found that the snapshot had failed to backup the homeassistant core area (not sure why this happened and I have not found the right log to look in yet). I will address that problem sometime in the future.

I was successful in making a new install on a fresh SD card. I was able to restore what was in the snapshot. I was still able to read the homeassistant folder on the old SD card and had copied it. I then manually copied files from the old homeassistant folder to the new system via Samba.

The good news: Everything is up and running and I did not loose all of my front end configuration work.
The bad news: The only thing that is not working is the “Core Configurator” add-on. When I open it, it returns a 401 Unauthorized error.

I stopped and restarted it - no change.
I uninstalled and reinstalled - no change.
I rebooted the host - no change.
The log from HA CLI add on logs are as follows:

[s6-init] making user provided files available at /var/run/s6/etc…exited 0.
[s6-init] ensuring user provided files have correct perms…exited 0.
[fix-attrs.d] applying ownership & permissions fixes…
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts…
[cont-init.d] done.
[services.d] starting services
[services.d] done.
INFO:2020-05-10 11:21:05,194:hass_configurator.configurator:Starting server
INFO:2020-05-10 11:21:05,196:hass_configurator.configurator:Listening on:
INFO:2020-05-10 11:21:46,459:hass_configurator.configurator: - “GET / HTTP/1.1” 200 -
INFO:2020-05-10 11:21:46,906:hass_configurator.configurator: - “GET /material-icons.fallback.css HTTP/1.1” 200 -
INFO:2020-05-10 11:21:46,911:hass_configurator.configurator: - “GET /style.css HTTP/1.1” 200 -
INFO:2020-05-10 11:21:46,953:hass_configurator.configurator: - “GET /jquery-3.4.1.min.js HTTP/1.1” 200 -
INFO:2020-05-10 11:21:46,972:hass_configurator.configurator: - “GET /materialize.min.js HTTP/1.1” 200 -
INFO:2020-05-10 11:21:46,990:hass_configurator.configurator: - “GET /js-yaml.min.js HTTP/1.1” 200 -
INFO:2020-05-10 11:21:47,191:hass_configurator.configurator: - “GET /xxxxxxxxx/ HTTP/1.1” 200 -

The xxxxxxx in the last line of the log looks like it is a secret of some kind so I did not include. Any ideas on next steps to fix this? I believe something I did with copying the files with SAMBA is the cause, but I don’t know what.

Also, Configurator shows no files available to edit. So it looks like it does not have the right permissions to access the config folder.

Can you try it with a different browser or in whatever private mode your browser has? The configurator memorizes the last location that it has accessed. If this location isn’t present anymore after your crash that could be a problem. Using a fresh browser will result in accessing the base directory.


Thanks for the suggestion. I am typically a Chrome user. I tried in an Incognito window with same result. I also tried with Safari with the same result. Later today I will reboot my iMac (it has been weeks since I rebooted it) and check but I doubt it will make a difference.

I finally had a chance to do a cold restart of my iMac that I use to interact with HA. No change to the file configurator. Still get the 401 error. I have restarted HA Core and Supervisor multiple times with no change. Note, I can edit all of my config files via SAMBA with no issue. Being able to use the File Editor is a convenience not a necessity. My biggest desire is to find what is broken in my configuration so I can clean it up so it does not cause problems with a future update.

Could you post the part of the log where it actually shows the 401 error? You only included the successful 200-requests.

I’m not sure where to get it. The 401 error shows up on the “File Editor” page itself with many pages of what looks like JSON or XML. What I shared is all that was in the supervisor logs. I can increase logging if the would help but I am not sure what to change to get increased logging on an Add-On.

Please make a screenshot and post it here so we can see what kind of error you’re actually getting. Because from what you’re saying the configurator works just fine, it just does not have access to open files, which might be due to different file permissions compared to before.

A screen shot is attached. I also believe it is a permissions issue. The logs indicate that the permissions are checked and passed but I don’t think so.

1 Like

Since I don’t use hassio I can’t exactly say where to look at. But the configurator requires an Access-Token to query the HASS API. With a standalone installation it would be this option, where you would configure a long-lived access token you can create in HASS. I believe hassio automates this under the hood to some degree, but I don’t know about the details. In any case, that’s the direction where you have to look I think.

Installing supervisor 110 solved this problem. I never figured out what caused it, but upgrading fixed it. Thanks

When I use the external_url with SSL, I get this error. When I use the internal_url also with SSL (but invalid certificate), I don’t get this error. I suspect this is a feature to prevent editing of the configuration file by external urls.

I’m having the same issue. I thought installing the next version of supervisor would rectify the concern. Recently upgraded from 114 to 115.2, but am still having the result of 401: unauthorized when using the the task bar icon core configurator. I am successful with opening the file editor directly in the file editor add on open Web UI link. I am also successful when using a different web interface (Firefox). I cleared my cache in Chromium, uninstalled/reinstalled the add on, but this did not correct the problem. I don’t see anything in my logs with respect to this issue. There appears to be some setting retained, as described by danielperna84, but I’m not savvy enough to create long lived tokens, etc. Any insights appreciated.

I was able to get mine to work after the original failure but then it failed again the next time I upgraded core. I never did figure out the source of the problem but believe it may have something to do with http vs https. Ultimately I shifted to the Visual Studio Add-on. No issues with unauthorized access and a better IDE, so a much better solution. I am running on a x86 install now rather than an RPi4 like before but my understanding is that the Visual Studio Add-on now runs on the RPi4 so you may want to give it a try.

hello in my case i’ve Chrome.
I have solved this problem by deleting my history and cookies.
After no 401 problem :slight_smile:

I hope this will help you


I’ve been running into the same problem after switching back from https to http due to lack of support for the Android mobile app of self-signed https.

To resolve this, I had to do all of the following:

  • ensure that no internal or external URLs are set in the configuration
  • remove File Editor using Supervisor
  • restart HA server
  • remove all related cookies from my browser
  • install File Editor using Supervisor
  • restart HA server

Not all steps might be crucial - I didn’t experiment enough to find out what to leave out. However, together they did solve the 401 problem for me.

I set up local and remote access to my RPi4 Home Assistant using the instructions here and was getting the 401 error instead of the editor screen on my local laptop. I found simply clearing my cookies fixed the problem.

Note using this approach for local/remote access means I don’t get the invalid certificate errors as I access locally using http, not https.

1 Like

Same problem here with firefox after not using HA file editor for some time. I switched to Chrome and it works. Still not working on firefox.

In Firefox you have to disable ‘enhanced tracking protection’



This should be the accepted answer, not the current one.

Hello, this helped me. Thank you!.

1 Like