QR code as a method of pairing HomeAssistant Companion with Ha

Why can’t I pair the HomeAssistant Companion by scanning the QR code? This solution will allow you to quickly authorize the application in the HA system and will allow you to instantly log in to a person’s account in the HomeAssistant Companion application.

I see the solution in the main outline as follows:

  • The HomeAssistant Companion application is extended with a QR code scanner (a QR code scanner to authorize a given person’s account).
  • In the settings of individual people, a QR code is available, which must be scanned with the scanner built into the HomeAssistant Companion application.
  • We download the HomeAssistant Companion application, run the QR code scanner, use it to scan the QR code displayed on the person’s settings page (e.g. the main administrator (and ready, we are logged in to the application. There is no need to enter our HomeAssistant address in the application, we do not have to enter the login and password) , one scan of the QR code and it’s ready. :slight_smile:

You can read the development of the above suggestion in my post at the link below:

Cool idea. It also has a security benefit: Nobody can hijack the URL. (Assuming no malware in the computer that shows the QR code, no malware in the screen etc.)

1 Like

Pairing devices using QR codes has been a common practice recently. Microsoft is also taking advantage of this. We pair the smartphone with the “Your phone / Link with the phone” application in MS Windows with a QR code.

In the case of the HomeAssistant system, for an additional layer of security, after scanning the QR code with the HAC application on your smartphone, you can display an additional pairing confirmation window “Smartphone Samsung Jan wants to log in to your HomeAssistant account. Do you agree to this?”.

2 Likes

Oh, this is a good idea. Something I never knew I wanted. It should imbed the local & external URLs into the QRCode too. I don’t want to type that stuff all the time.

2 Likes

Home Assistant broadcasts both the internal and external URLS (and other stuff) via mDNS.
The companion app should really just default to using the URL data it can already see on the local network.

1 Like

This is how discovery works in the Android app. It only saves the external URL, internal URL can only be added once home WiFi is selected.

1 Like

Hey hey vote, vote! :slight_smile:

The functionality of pairing HA with HAC thanks to QR codes, smoothly moves to the next possibility, functionality (described under the link below in my post).

There is a bit of irony in that there is already a feature where you can scan QR codes from within the companion for adding Z-Wave Plus devices, but the companion does not actually contain a QR code scanner. Instead that functionality actually lives in the front-end web UI. Since the web UI is not available at the time you would be scanning here, an additional QR code scanning system would be needed.

QR code based setup is not even a new idea. I see some references to possibly using that for App setup from about 5 years ago.

Doesn’t this assume that everybody is on the network local to the home assistant instance during this process? I don’t think that we should rely on that.

I mean that is certainly true.

I would however always advise that no-one should ever be providing a QR code that can be used by anyone to login to a system externally. That’s a massive security issue.

But a QR code to login a guest to a user that is configured to only allow login on the local network, makes sense.

1 Like

I agree with @mobile.andrew.jones. Yes, for security reasons, logging in with the QR code should be possible only in the LAN network of the HomeAssistant system.

1 Like

QR code would just be an easier way of auto typing in a username & password… There is NO additional security risk. It doesn’t need to be overly complicated.

At the login screen just have a “login with QR code”, scan it and it just auto fills username & password. Helps with obnoxiously long passwords.

1 Like