Illegal login - camera entity IDs always changing

I’m still puzzled why HA is not feeding the stream back to HA Dashboard.

I was looking at the camera_entity in version 073 and while it’s displaying a token HA Dashboard does not require one to display the stream

I created a user name and password and a long term token when setting up HA v087 but that’s purely for logging into HA. That’s nothing to do with HA Dashboard or the camera streams.

I did use the api_password without token in the dash file as you suggested but this made no difference.

I wonder what is causing this problem.

As a developer would you normally keep your system updated with the most recent release of HA.

you think so???. a developer is just someone who offers something he created for himself to other to use also.
there is not an obligation to check out HA every 2 weeks if there is something HA changing so you must also create an update to please others for free.
i think you forget that this is created in free time, for no money, by 1 person (with a little help), and that he has a live besides HA also

i personally think that the 2 week release from HA is insane, and i only update my system every few months. i really have no need to shutdown my heating, my lights, etc. make an update and hope that nothing breaks, every 2 weeks.
if i would do that, my wife would rip out everything.

I completely agree with you. I was just asking if it was something you would normally do.

I couldn’t agree more with the update cycle too. Maybe a stable release as a reference point and a beta version for those who want to spend their days testing.

I had v073 working nicely for an extended period and only realised that the whole authorisation/verification concept had been introduced at v076.

I tried updating with disastrous results so I reinstalled v087 and rebuilt my setup. Still trying to get it right as you’ve seen from today’s question.

Thanks for all your help!!!

Working perfectly in 0.87 here.

How about port number? 8123.

@nickrout yes I’m using 8123 as the port number in the url in the dash file

Could you paste a copy of the url from your dash file here so I can compare it with mine.

entity_picture: http://192.168.xx.yy:8123/api/camera_proxy/camera.dafang_motion_snapshot?token=d484e987c5e0e35dc52498605023ff7defdffe97bbef3736c6819de9f8295c85&api_password=xxxxxxx

The token I took from the dev-state page when first trying to set it up. It didn’t work so I added the api_password and then it did.

The token does keep changing on the dev-state page, I haven’t tried it without the token.

Ok so you use the token AND the api_password in the url. That’s interesting. I’ll try that and report back here.

Yeah but I doubt that the token is doing anything as it keeps on changing in HA.

you could also try the custom widget i created (and forgot about)
it mentioned in here

Thanks @ReneTode

I’ll try both options and report back the results.

@nickrout thanks for that. Unfortunately this solution didn’t work in my case.

I assume you are using an updated version 87. This is a fresh install and the legacy password wouldn’t apply here.

you can have legacy password AND tokens AT THE SAME TIME!
you just need to set the legacy password in the HA config.

what did you use for password untill now? the user password? that wont work. you need the legacy password also in 0.87

i updated my custom camera widget, but that also expects the legacy (API) password in HA

This is a fresh install of HA v87 not an upgrade. When installing HA I created a user name and password. In the camera widget url I have tried the api_password=thepasswordIcreatedforHA and it doesn’t work for me.

thats because you dont want to use THAT pasword.
if you would have read the things i told you, you would know 2 days ago that you need to add:

http: 
  api_password: !secret http_password

to your HA configuration
and you use THAT password and that IS the legacy api password

The problem I see is the use of refresh tokens in the camera_entity. I can use it’s current refresh token but as soon as 5 minutes elapses, the token in HA refreshes and as soon as I refresh the screen that token is no longer valid.

What I’m trying to figure out is what has changed between v73 and v87 to cause this problem. You did suggest earlier that the generic camera widget creator did not change the code to reflect the changes between the two versions of HA,

Am I wasting both your time and mine trying to get this to work. I have tried every combination I know in the url but all that will work for a short period is the inclusion of a short term token in the url for 5 minutes only

Have you tried what @ReneTode has suggested

My apologies @ReneTode and @nickrout I had the secrets.yaml file commented out while trying to figure out another problem last week.

I had the required line in the configuration.yaml and the secrets.yaml. They are both working correctly now and the stream is functioning correctly on HA Dashboard

Once again thank you both for your help in this matter.

any updates here? i also want to camera entity picture, can it be done without token?
dont want to use the API key, but bearer instead

wont be possible without api password, untill at least a new release from AD is there.

Although this is a fairly old thread, I want to document here that there is another solution which avoids using the deprecated api_key option:

home assistant configuration part:

homeassistant:
  auth_providers:
    - type: homeassistant
    - type: trusted_networks
      allow_bypass_login: true
      trusted_networks:
        - 192.168.100.123
      trusted_users:
        192.168.100.123: 2cfdca395f8d40d2b35ad2b61ddd5a03

^ where 192.168.100.123 is the IP-address of the e.g. tablet computer running the HADashboard and 2cfdca395f8d40d2b35ad2b61ddd5a03 is the User-ID of the designated user account mapping in Home Assistant.

HADashboard configuration:

camerawidget:
    widget_type: camera
    entity: camera.your-camera-entity
    refresh: 0.5
    base_url: https://your-base-url