Hello,
I will use Home Assistant behind a reverse proxy.
My reverse proxy use username&password und set the Authorization-Header.
I found out, that the Home Assistant API use the same Header. All Request to /api overwrite the authorization-Header with some of that: “authorization”: “Bearer [TOKEN]”.
After that, my proxy drop/denied the access, because the original authorization-Header is not available.
I mean, that these authorization header directives can not used for other things as proxies… Can I change that in the configuration, can that add in the configuration, that HomeAssistant use for the /api a other “free” field?
Sorry, I am not an expert. I found that, by fetch the Firefox traffic and the proxy-logs.
THANK YOU for every help.
EDIT: link with additional Infos/explanation in Answer1: api - Custom Authorization Header - Stack Overflow