Login attempt failed from iOS device

I have the HA iOS app installed on my iPhone. It keeps generating these notifications on my server-

Login attempt failed
Login attempt or request with invalid authentication from Walters-iPhone.dahoney.me ( (Mozilla/5.0 (iPhone; CPU iPhone OS 14_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Home Assistant/2020.7 (io.robbie.HomeAssistant; build:11; iOS 14.1.0) Mobile/HomeAssistant, like Safari)

The mobile app does connect but it seems that some connections are refused. I have the mobile app configured to connect to my server’s IP.

This works most of the time. I don’t understand why I keep getting these errors?


After I posted this I noticed a typo in the Internal URL in the screenshot. I have correct this but still get the error.

I see the same issue. As you say it all seems to work, just the annoying messages.
In my case, I have use an external cloud URL and internal URL based on a local IP address.
I’m seeing it from two different Apple devices.

Same issue here.

I also have ip_ban_enabled so I have an ip_bans.yaml file in my config file, showing my phones LAN IP address.

Add another one to the list. Has anyone figured this out yet?


Same issue here, This only happens from my wife’s iPhone, not the other androids or web browsers we use. This has been going on a long time, but never saw any issues. I would just like it to go away.

I have an nginx server different vlan than HassOS, This web server on my “DMZ” vlan has tcp 443 exposed to the internet and uses host headers to route web traffic. All ufw and physical ACLs are in place to allow the traffic required. Here is the error I get,

Login attempt or request with invalid authentication from ( (Mozilla/5.0 (iPhone; CPU iPhone OS 14_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Home Assistant/2020.7 (io.robbie.HomeAssistant; build:11; iOS 14.1.0) Mobile/HomeAssistant, like Safari)

+1 same problem here

if my iphone is in wifi, the error message comes from the IP of my iphone in wifi. If I am in the 4G network with my iPhone (port forwarding), the IP of my router is displayed in the error message.

Maybe this will help or bring us in the right direction. What stuff do you use?


  • google tts
  • alexa
  • tuya
  • deconz
  • ikea tradfi
  • circadian_lightning
  • withings
  • spotify
  • ifttt
  • ftp (official plugin)
  • lets encrypt
  • duckdns
  • a lot of hacs adons


I have wondered whether it is because I don’t ever “force close” the ios app (i.e. it is in the list of “background” apps) as I was told this was best practice by both Apple and HA as shown in
[Does iOS companion app have to run to get location]

I suspect there is something about ios going to sleep (as it does) and, maybe, timing out on the first contact or something like that. If that is the case, the apps (both ios app and HA) should be expecting that behaviour and somehow not cause a timeout.

One way or the other, as everyone has said, it works fine. It’s just a terrible nuisance to have the errors show up and could cause me to miss a real error.

1 Like

for me it is unfortunately not just a detail. my ip (when i’m in wifi my local i-phone ip; when i come from outside my internet ip) is blocked after a few such messages. of course i have increased the number of incorrect accesses to be tolerated. But I don’t want this tolerance to be too high either, and so I have to delete the ip-banns file every week and restart the rasperry.

Good point. Nuisance for most of us but a bigger deal for some. Either way, something is wrong and should be fixed. Hoping someone who knows about the app could help out. Have to know about the app and, probably intricacies of ios. Maybe @zacwest?

1 Like

There is a bug I am aware of which may be causing this in the background, which will be fixed with this issue. This will be fixed in the forthcoming 2021.2 beta [(2) or later]. This should be occurring very rarely; it is very timing-related.

Another cause of this that I have seen is based on camera loading. This is an issue in the frontend and how it talks to the app for access tokens, I think; it fails before asking for a newer one, or something like that. I have not been able to reproduce it well enough to have found the root cause.


I’m struggling with this problem as well.
Internal URL is http on local wifi network.
External URL is https with Synology reverse proxy.
It’s almost that as soon as I perform any action from the phone that I have 1 invalid login attempt. Logs show 168 occurences and as I user I could never figure out WHY these login attempts happen. Running the latest stable version.

It would be awesome if this could be fixed somehow. #fingerscrossed :wink:

With the latest update (IOS App 2021.2 and HA 2021.2.1) everything works for me now. @zacwest Thank you! :+1:

I was happy too soon. I just got the same error message :see_no_evil:

Adding my name to the list of people with this exact same issue.

Would it be possible to write an automation to delete / dismiss these false positive notifications automatically, as soon as they appear?

Here’s my somewhat ugly fix for this issue:

alias: False positive notification clearer thingy
description: ''
  - platform: time_pattern
    seconds: /15
condition: []
  - data:
      notification_id: http-login
    service: persistent_notification.dismiss
mode: single

There must be a more elegant solution, running this every 15 seconds is just crazy.

Hi i have the same issue. How can i fix it? Thanks for helping

My fix works, but it does fill up your logbook with an entry every 15 seconds :pensive:

There must be a way to trigger my notification dismissal only when the notification is added :thinking: