I give up, why can't I login?

So I’ve been using home assistant for a very long time without issues but recently upgraded the SSD in my NUC so had to transfer everything over and also got a new router so had to redo a lot of configuration, most of it has been straight forward but this is making me pull my hair out.

Basically over the local network/http everything works flawlessly but I have a domain name to access home assistant remotely and securely over https and this is where the problem now lies

I can access home assistants logon screen through my domain but if I put my username and password in I just get another screen with a button saying “start over” and if I press it I just get back to the logon screen so I cannot access home assistant remotely

I’ve been searching/playing/tweaking for hours now and got no where, this is everything I know so far:

Looking in my browser its got an error “Failed to load resource: the server responded with a status of 403 () /auth/login_flow/…”

Home assistant gives the error “Login attempt or request with invalid authentication from 172… (172…). See the log for details.”

I use nginx proxy manager and cloudflare for SSL (even tried “NGINX Home Assistant SSL proxy” addon but had the same problem)

What’s weird is I believe all my settings are the same as previous, I am using the same configuration for home assistant, I’ve setup nginx the same, I’ve not made changes to cloudflare

So what give’s?

It’s odd that I can access home assistants logon screen but not get any further, this must be some stupid setting I’ve missed somewhere…

I really don’t know what to do or what to try next but this really is driving me mad, I hope someone can help…

First thought (and I could be completely wrong) would be the trusted_proxy setting in HA. Is nginx proxy manager running on the same system as HA, or a different system? Do the IP addresses still match?

Trusted proxy seems to be correct because if I remove it I can’t even access the login screen (400 error), I’ve made sure it matches the nginx ip, everything runs on the same NUC/system

EDIT: even tried trusted_proxies: - to no avail

I’ve definitely had this and you aren’t crazy.
This happens when websockets fails.

If you have a look at the browser console (usually F12) and go to the “Network” tab you should see sockets failing and highlighted in red.

I’ve used NPM and I am trying to recall what I might have had to do to get around this.

This makes me suspicious as it shouldn’t say “172.x.x.x” as that is a docker network address. If proxying is on correctly, HA should use the provided proxied host IP and not the IP of your NPM container.

This is what my subsection for configuration.yaml looks like if it helps?

# Uncomment this if you are using SSL/TLS, running in Docker container, etc.
  use_x_forwarded_for: true #  **NOTE:** I think you need this but aren't using it

Not sure about websockets, I know its support is enabled in nginx proxy manager but that tab you say about showed “Login blocked: User cannot authenticate remotely”

I don’t think its configuration.yaml, I’ve tried everything I can think of there with the same result

Not sure where to go from here…

Did a dirty straight through test and opening up the ports and using http works perfectly fine so the problem is something to do with ssl/nginx or something…

Spun up my old NPM and logged in fine. This is what I have it as:

Details Tab




So you were trying to terminate to HTTPS on Home Assistant IP? Or where you trying to route within the docker network from NPM to HA?

Sorry that didn’t read english to me lol

I opened up ports on my router so I could test outside access works to my home assistant over http and it does

Opening up HTTP on the router is a terrible idea. It would be trivial to see passwords and cookies in plain-text.

Have you gotten NPM to work within your network via HTTPS?

Doesn’t matter if I access my domain from within my network or not I get the same problem

Not, untrusted proxy or network. The provided credentials are wrong, the token has expired or the authentication method is wrong.

After playing with it all night I finally found the problem

The issue was with the .storage\auth file

I deleted this file and it worked! I had to do a few modifications to users to get it up and running but I didn’t mind that as its now working 100% and even got a A+ SSL rating :smiley:


This is a restriction on the “People” profile. Make sure to un-select the restriction local access only!

1 Like

How do you find the file when you can’t get into the Home Assistant?

If you have SSH tokens, you can get into those folders without needing to log into the browser.

I keep running into this issue with my Raspberry Pi in my Kitchen.