RestAPI unathorized with "requires_api_password": false

rcervenan · September 12, 2018, 8:30am

Hello everybody,
I use for months Rest API without requires_api_password on my local network, especially Get methods:
http://192.168.100.109:8123/api/states
I uploaded last version of hassbian (2018-06-23-Hassbian.img) and from that moment that api returns me only HTTP/1.1 401 Unauthorized.
But command
http://192.168.100.109:8123/api/discovery_info
returns me correctly what I’m expecting:
{“base_url”: “http://192.168.100.109:8123”, “location_name”: “Home”, “requires_api_password”: false, “version”: “0.77.3”}

In configuration.yaml I have included
api:

What should be wrong?

My suggestion: If I know, only one thing I made differently from my last hassbian installation - I did not have any username / password on web access, but now I created one after first www access to HA. I suppose, that this should be the problem, but I did not find any way, how to delete this user and leave it totally open (my local network - why no??) - and, /api/discovery_info works and returns me : “requires_api_password”: false.

Thanks for any suggestion…
Regards,
Roman

awarecan · September 13, 2018, 6:24pm

Please read release note, or at least search the forum before you ask.

You need add http.api_password.

Or, you can wait 0.78 or use 0.78 beta now, you can generate an access token, and include it in your script.

rcervenan · September 16, 2018, 12:39pm

Hello awarecan.
Thanks for answer, now it’s working with http.api_password.
But I was wondering why it was working before reinstall without this setting, and if there is some possibility to delete all users and leave it open without users.
So, thank you anyway…
R.