GPSLogger generates authentication error when leaving LAN

Hi, I’m on 0.8.1 and just setup GPSlogger for my GF Android phone as a device tracker in HA.
It worked great in my LAN until she left the house and got the cell network IP address, I got a bunch of those:

> Login attempt or request with invalid authentication from "her WAN IP address"

URL from gpslogger is sent to a correctly opened port and I use API password for GPSlogger setup in HA configuration.yaml.

Any idea? Same error when she got to her job Wifi network…

OK, I think I resolved it by not using the GPS logger password in configuration.yaml and use the API password (setup in the URL sent by GPSlogger).

I’ve had a similar issue and I’m under the impression that the legacy API auth will eventually be deprecated in favour the new auth system rolled out in parallel a few versions ago. As of 0.80.0 there is a webhooks component - could something like this be used with GPSlogger instead? I’m too much of a newb to set this up myself, but it seems like the right kind of solution.

You are right.

Haven’t been able to make this work, receiving 403 error.
Some questions for those who have it working:

  • in the ‘HTTP Headers’, did you put the ‘Authorization’ after the ‘Content-type’ entry?
  • did you use spaces, enter or something else to separate the two?
  • any way to debug this? No log entries so far as I can see.


I would like to know as well the exact format for the URL to setup in GPSLOGGER using the Long Live Access Token (example maybe)
I tried creating a token for it and use it in GPSLogger URL but it doesn’t work…
In HA, I can see the error authenticating:

Login attempt or request with invalid authentication from 192.168.XXX.XXX

I basically tried, at the end of the URL to add:

&Authorization: Bearer ABCDEFGH


‘&Authorization: Bearer ABCDEFGH’

***ABCDEFGH being my generated token of course.

Had to change it back to legacy API for it to work for now…


I hit Enter and put in the Authorization line.

You don’t put the access token in the URL

You need to put it in the HTTP Headers section, and not in the URL

YES! it works using the LLT instead of API password.
After I added it in the header instead and a milion typos later, it finally showed me a successful send.
Thanks a lot :slight_smile: