Temporary service account for remote assistant

In my HA evangelization trip I have found the need to access my friends’ systems to give help but in some cases this becomes a privacy and trust issue.

So, Why not have a remote service account that takes care of user privacy? Here are some of my ideas. Not without problems surely.

  • Issues on mind, would be great if like the Lutron app HA could create temporary credentials (url included) to help on config. This user only has the attributes the owner chooses when created the credentials. So, the owner could choose about give him/her all access of only the front end, etc.

  • Disable cameras, live views and file explorer by default.

  • Persistent notification if the user is logged to cut off in any moment.

  • Time limit on session.

  • Email Report of a query in the logbook showing all the devices the user interact with on the session.
    -on all privileged service, session’s time limit to (much less time).

  • issue: how to share an external URL without compromising the future privacy and security?
    << the dns propagation time, certificate, etc, I don’t know how this work but I’m sure there’s a way to quickly deploy a secure URL that can be used in any explorer>>

anyone had thought this too?