I am not sure since my knowledge about Authentification processes is very limited…
The documentation tells me these steps must be followed to authenticate and start a session:
Send an HTTPS GET request to the server hostname with the URL set to the login page “/userlogin.html”
Answer: Copy the value of the TRACKID cookie. This cookie must be entered as a header in the following POST request.
Next, send an HTTPS POST request to the server hostname with the URL set to the login page /userlogin.html. The POST request must include the following information:
- Add a Cookie header with a value of TRACKID=[value], where [value] is the value of the TRACKID cookie shown in the image above.
- Add an Origin header with a value of [deviceip], where [deviceip] is the IP address of the device.
- Add a Referer header with a value of [deviceip]/userlogin.html, where [deviceip] is the IP address of the device.
- Enter the admin login credentials for the device in URL‑encoded format as raw data. The login key is the username value and the passwd key is the password value. Refer to the following sample syntax.
→ If the POST request is valid, the server returns a 200 OK response.
The response also contains authentication cookies that must be saved, as they will be required on all the subsequent requests. The following HTTPONLY cookies must be saved by the client for any API call:
If i follow these steps with POSTMAN i can establish a session with the device and send GET and POST as i wish.
My question is, if this will work with the authentification methods provided by the Restful Integration in HA?
As an alternative i could establish a session with WebSocket but i didnt look into that until now.