Rhasspy cannot reach HASS (client error: unauthorized for URL)

Hi, I have the latest version of Homeassistant with hass.io running on my pi3. When installing and configuring rhasspy, i get the following error:

401 Client Error: Unauthorized for url: http://hassio/homeassistant/api/events/rhasspy_ChangeLightState

I did create a longlived access token in hass and entered it in the rhasspy configuration, because unfortunately rhasspy did not fill it out for me (anymore, after several failed installs and reinstalls).

rhasspy tries to communicate with hass via http://hassio/homeassistant/,
any other url leads to a “cannot reach server” message. This one has no error, so i assume it is right.

Trigerring the events manually in hass also works fine. do i need to set any other permissions, such as SSH or so to work? When sending a message with the token to hass via postman, it works, so I assume the issue lies with Rhasspy and the way it compiles it’s POST request.

Hello my name Is Rayco, I hace the same problema. Can help us ?

I wonder if it has to do with the recent python upgrade of the latest hass.io version? This is from my Rhasspy log:

  File "/usr/share/rhasspy/rhasspy/intent_handler.py", line 218, in forward_intent
    response.raise_for_status()
  File "/usr/local/lib/python3.6/dist-packages/requests/models.py", line 940, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: http://hassio/homeassistant/api/events/rhasspy_ChangeLightState
[DEBUG:10762000] HomeAssistantIntentHandler: POSTed intent to http://hassio/homeassistant/api/events/rhasspy_ChangeLightState
[DEBUG:10761993] urllib3.connectionpool: http://hassio:80 "POST /homeassistant/api/events/rhasspy_ChangeLightState HTTP/1.1" 401 17
[DEBUG:10761974] urllib3.connectionpool: Starting new HTTP connection (1): hassio:80
[DEBUG:10761955] __main__: {"intent": {"name": "ChangeLightState", "confidence": 1.0}, "entities": [{"entity": "state", "value": "off", "raw_value": "off", "start": 5, "raw_start": 5, "end": 8, "raw_end": 8, "tokens": ["off"], "raw_tokens": ["off"]}, {"entity": "name", "value": "window lights", "raw_value": "window lights", "start": 13, "raw_start": 13, "end": 26, "raw_end": 26, "tokens": ["window", "lights"], "raw_tokens": ["window", "lights"]}], "text": "turn off the window lights", "raw_text": "turn off the window lights", "recognize_seconds": 0.009072346001630649, "tokens": ["turn", "off", "the", "window", "lights"], "raw_tokens": ["turn", "off", "the", "window", "lights"], "speech_confidence": 1, "slots": {"state": "off", "name": "window lights"}, "wakeId": "", "siteId": "default", "time_sec": 0.01611161231994629}
[INFO:10742877] quart.serving: 192.168.0.47:50159 GET /favicon.ico 1.1 500 13 24422
[ERROR:10742855] __main__: NotFound(404)

I really don’t understand much about it, I hope someone can help us

@synesthesiam A fresh install of Rhasspy as a hass.io addon doesn’t work with HomeAssistant - it can’t connect to its API, it gets a 401 Unauthorized.

[DEBUG:7721464] PorcupineWakeListener: started -> listening
[DEBUG:7721462] DialogueManager: ready -> asleep
[INFO:7721461] DialogueManager: Automatically listening for wake word
[DEBUG:7721456] DialogueManager: handling -> ready
[ERROR:7721444] HomeAssistantIntentHandler: handle_intent
Traceback (most recent call last):
  File "/usr/share/rhasspy/rhasspy/intent_handler.py", line 110, in in_started
    intent = self.handle_intent(intent)
  File "/usr/share/rhasspy/rhasspy/intent_handler.py", line 155, in handle_intent
    self.forward_intent(intent_name, event_type, slots)
  File "/usr/share/rhasspy/rhasspy/intent_handler.py", line 187, in forward_intent
    response.raise_for_status()
  File "/usr/local/lib/python3.6/dist-packages/requests/models.py", line 940, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: http://hassio/homeassistant/api/intent/handle
[DEBUG:7721435] urllib3.connectionpool: http://hassio:80 "POST /homeassistant/api/intent/handle HTTP/1.1" 401 17
[DEBUG:7721407] urllib3.connectionpool: Starting new HTTP connection (1): hassio:80
[DEBUG:7721394] WebSocketObserver: {"intent": {"name": "ChangeLightState", "confidence": 1.0}, "entities": [{"entity": "name", "value": "study lights", "raw_value": "study lights", "start": 9, "raw_start": 9, "end": 21, "raw_end": 21, "tokens": ["study", "lights"], "raw_tokens": ["study", "lights"]}, {"entity": "state", "value": "on", "raw_value": "on", "start": 22, "raw_start": 22, "end": 24, "raw_end": 24, "tokens": ["on"], "raw_tokens": ["on"]}], "text": "turn the study lights on", "raw_text": "turn the study lights on", "recognize_seconds": 0.009700438000436407, "tokens": ["turn", "the", "study", "lights", "on"], "raw_tokens": ["turn", "the", "study", "lights", "on"], "speech_confidence": 0.11110776535696966, "wakeId": "True", "siteId": "default", "hass_event": {"event_type": "rhasspy_ChangeLightState", "event_data": {"name": "study lights", "state": "on", "_text": "turn the study lights on", "_raw_text": "turn the study lights on"}}, "slots": {"name": "study lights", "state": "on"}}
[DEBUG:7721370] DialogueManager: recognizing -> handling

Settings > Intent Handling > Use Home Assistant > Access Token field was empty, so I filled it with a manually created Long-lived token.

The API itself works alright when I connect to it from my PC:

curl -H "Authorization: Bearer LONG_TERM_TOKEN_HERE" 192.168.0.21:8123/api/discovery_info
{"base_url": "http://192.168.0.21:8123", "location_name": "Home", "requires_api_password": true, "version": "0.103.5"}

Is Rhasspy trying to hit the wrong APIs?

it’s really desperate

Same issue here, trying to solve it.

Rhasspy is automatically filling the HASSIO_TOKEN and posting that as X-HASSIO-KEY in the headers. This is the correct way.
I can reproduce with a simple addon and I am busy investigating the issue

I have the same issue on HassOS 2.12 and Hassio 0.102.0. Not with Rhasspy but with my simple test addon.
Since it was always working, I still suspect some version of HassOS/Hassio breaking this, not Rhassy by itself

I was able to work around the issue for now by changing the Hass URL on the “Intent Handling” settings page of Rhasspy to the HA URL e.g. to http://192.168.x.x:8123

Would be nice to get it fixed properly though!

This issue is fixed in version 2.4.15.2, please confirm

Not working for me.
Rhasspy 2.4.15.2
HassOS 2.12

I see I am on HassOS 3.7, please try with 3.7
Also, you can first try and hit the rebuild button, which should pull the latest docker.

Thanks, updated to 3.7, rebuilt Rhasspy, restarted the entire thing - no succes.
Then used the method from @cloudycelt with the IP adress and it seems to work for now. Thanks for the quick support everybody, and Happy New Year!

Strange, because the new version is using exactly that same method for authentication.
Only difference is that it is using the HASSIO_TOKEN and not the long lived token.

I had issues with the Rhasspy add-on because it did not recognize my SSL/HTTPS domain name properly. I used the docker option

--add-host 192.168.1.xx:my-hassio.duckdns.org

on the Rhasspy docker container and all works properly now.

Is this on the “client” that you have to do this?
I’m brand new to this today…just playing around and I’m seeing this error also.
So by client I mean a raspi 3 running just rhasspy. I have hassio running on another machine.

Yes, on the ‘client’ Rhasspy system.

Okay got a bit of time to mess with this again and I started from scratch and this time only installed on the Pi. Nothing installed on hassio. I misunderstood the last time I tried and thought I had to have rhasspy installed on both.

I used the base URL as visible from the outside world
https://xxxx.duckdns.org:1234
and then the token to authorize it.
This may not work for everyone’s situation depending on their network setup so YMMV.

I know this is an old thread but am desperate. I am using https with duckdns and I tried every possible option in the hass setting in Rhassoy addon.
with http only, I get 401 in the log
with https:

   assert response_dict, f"No response from {self.url}"
AssertionError: No response from https://192.168.6.10:8123
[ERROR:2021-03-25 15:18:32,907] asyncio: SSL error in data received
protocol: <asyncio.sslproto.SSLProtocol object at 0x7fed140cd208>
transport: <_SelectorSocketTransport fd=12 read=polling write=<idle, bufsize=0>>
Traceback (most recent call last):
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 526, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 207, in feed_ssldata
    self._sslobj.unwrap()
  File "/usr/lib/python3.7/ssl.py", line 767, in unwrap
    return self._sslobj.shutdown()
ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2609)