Home Assistant and Authentik / please help! (auth/token)

Hi all.
I am trying to get SSO through authentik working and I think I ran into a common issue that is also mentioned in the authentik documentation for home assistant:

Only prefixes starting with /auth need to be proxied (excluding prefixes starting with /auth/token )

My logs show that home assistant succesfully connects to authentik and identifies the users, but then ends with this warning:


2025-02-03 18:24:42.233 DEBUG (MainThread) [custom_components.auth_header] Got actual IP 10.12.22.32

2025-02-03 18:24:42.233 DEBUG (MainThread) [custom_components.auth_header.headers] Validating access for IP: 10.12.22.32

2025-02-03 18:24:42.233 DEBUG (MainThread) [custom_components.auth_header.headers] Checking user: My Name

2025-02-03 18:24:42.233 DEBUG (MainThread) [custom_components.auth_header.headers] Found username in credentials: max

2025-02-03 18:24:42.233 DEBUG (MainThread) [custom_components.auth_header.headers] Username match found, finishing login flow

2025-02-03 18:24:45.449 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from nginxproxymanager.lan (10.12.22.32). Requested URL: ‘/auth/token’. …

I tried several ways to fix it. E.g. adding ^/auth/token.* to the unauthorized path section in authentik, amongst other paths mentioned in this thread

Has anyone got it working? I could need some help. :slight_smile: It`s so frustrating…

HA 2025.1.4
Nginx Proxy Manager:latest
Authentik:latest