i have a person whom i trust, that i would like to give control of my home whenever they are over, but because i can’t control whether they lose their phone etc, I would like to only allow this access when they are signing in from a specific local ip address (their statically assigned ip address)
is there any way to do this? even a way to enable or disable an account as the result of an automation would work
Put their device in static IP on LAN network
Put that IP in trusted_networks
If they lose device or you want revoke access, you may simply ban them from LAN, move device static IP or remove from this list
You may also give them their own user/pass, else you may provide access to configuration
Configuration>>users>>"+"
they have an account already, which i assume means that they would be able to log in no matter what I did with trusted_networks right?
trusted_networks means login is bypassed. Pretty sure that allows access to configurations
User login allows person configuration access.
sounds like theres no way to do this without blocking my own access from outside my network then
Problem is, if they use the app, once they’ve signed in, they will stay signed in until the cache gets cleared or until it asks for a pw again (which could take days/weeks).
The IP ban option is nice, though, mobile phones tend to get different ip addresses every so often, so this won’t be the best option.
Before USERS existed I planned to run a second HA instance in docker for Guest Users.
Create all sensors and switches using template component then provide access to that.
In this case access to configuration has little importance and you may provide some specific interface for control of only required items. It can be fully customized for the person
this may help your goal
nice, i didn’t know there was a way to modify the UI with per-user settings, i will definitely be using this.
for now, ill have them use a url that only resolves on my local DNS.