Shelly Integration with Username and password


it would be great if the username and password option can be enabled for shelly devices. Having 20+ Shelly devices in my network without the option of securing them just doesn’t feel right. It seems like the used lib home-assistant-libs/aioshelly: Python library to control Shelly ( is supporting the username and pw option.

Please add this to HA


Shelly integration supports setting authentication for Gen1 devices (Shelly 1, Shelly 2.5, …)
Gen2 devices (Plus/Pro) series is currently not supported

hi Shay @thecode , where is the username/password for the Shelly devices stored in HA?

for posterity:

this post has a solution for manuallly adding credentials to the .core/config_entries

1 Like

@techydude The user & password are stored in the .storage folder which should not be edited by users. If you need to set a password remove the device and add it again when password is enabled. If you name the channels in the device Web same as they are named in HA before removing it when you add it back it will have the same names.

CoAP only sends status updates to HA, when HA starts up we fetch information from the device via HTTP and device control (e.g Relay on/off) is also via HTTP.
Since HTTP does not have a simple way to to update a client (HA) for a changes on the server side (in this case Shelly) they used CoAP for that, CoAP packets are small and only contains state updates not the full device data.



what can one do to have the Shelly devices protected AND work with HA?

Is it a HA limitation or a Shelly limitation?

Acording to this it is a HA limitation. Is there a fix date available?

As is, it is not usable. Setting up a guest and a private WiFi not an easy solution (wide spread resort with many WiFi devices)

Shelly Gen1 devices (e.g. Shelly 1, Shelly 1PM, Shelly 2.5, Shelly Dimmer) support authentication and work with HA.
Shelly Gen2 devices (e.g. Shelly Plus 1, Shelly Plus 2) currently does not support authentication with HA.
These devices are new and support for authentication was just added in the device firmware.
We are working on implementing it, you can follow Shelly Gen 2 Authentication · Issue #63621 · home-assistant/core · GitHub for updates.
Do not ask for dates. The linked issue will be updated when we have news.


Pull requests for supporting Gen2 auth are already in progress, I hope to get it in for next core release (e.g. 2022.5.0)

1 Like

Gen2 authentication is fully supported in 2022.5.0 and above

1 Like


thank you for the fix that I am using successfully since 1 month now.

I can confirm that with the current firmware athentication works.


Thanks, it is working fine, I find missing the password change. I connected my shelly EM to home assistant and after a password change in the shelly web interface I’m unable to restore it in home assitant in other way than removing it and adding it again.



Sorry to ask here.

I am trying to find where to set the username and password for the shelly dimmer 2 (Shelly Dimmer 2 - Shelly Cloud) in the Home Assistant devices / Intergrations area.

I don’t want any device in my home that is not secured by password.

Am I overlooking a setup?


I am running:
Home Assistant 2023.4.4
Supervisor 2023.04.0
Operating System 9.5
Frontend 20230411.1

And HA integration with password protection of the web interface is not working.
I tired to connect a ShellyPlugS and a ShellyBulbDuo. They work fine, but only without password protection of the web interface.

No web interface password set:HA integration works
Web interface password protected: HA asks for username and password, but it is not working
No web interface password set → integrated into HA → Web interface password protected: HA doesn’t recognize the device anymore
No web interface password set → integrated into HA → Web interface password protected → deleted from HA: device cannot be reconnected to HA
No web interface password set → integrated into HA → Web interface password protected → deleted from HA → device factory reset: HA integration works again

It seems crazy, that this doesn’t work. Without password protecting the web interface it seems absurd to password protect HA at all. I set up ACLs with individual username and password for every ShellyPlugS on my MQTT broker (running alongside HA with InfluxDB, NodeRed, and Grafana), because they measure power consumption of servers and network equipment to prevent accidental (and unauthorized) access (the plugs are potential suicide switches), but they cannot be integrated into HA with password protection …

Am I doing something wrong? My HA version is much more recent than the one mentioned above, but it still doesn’t work with password.


There right place for this is a Github issue, there is already an open one which look similar to yours: Adding authentication to previously included shelly (without authentication) fails. · Issue #90044 · home-assistant/core · GitHub

I will try to take a look next week