I’ll give it a try. Thanks!
edit: That was it. been at this too long today. So, now I am seeing these errors.:
Login attempt or request with invalid authentication from 192.168.3.1
I was using legacy_auth/trusted networks previously.
Should we also remove trusted_options: from the http: section in configuration.yaml?
this authentication method still requires a user selection. I just had to update a local network service that was calling the rest api, to use the long lived tokens for auth as trusted networks no longer works.
Eventually, the http.trusted_networks will be removed. I advice you start migrating your application to long-lived access token or signed path
So, what option replaces legacy_auth, homeassistant? I’m getting invalid authentication errors with api_password: commented out.
No plan to move api_password around. The plan is sunset http.api_password and legacy auth provider together, probably before 1.0
Can I expect these errors to go away at that time? homeassistant becoming the only auth_provider needed for user authentication?
Not exactly.
Trusted Network Auth Provider will not be removed. Only Legacy API Password Auth Provider will discontinue (as its name suggested, and we already communicated about it many times)
Besides Homeassistant Auth Provider, we also have “Command Line Auth Provider” just released in 0.88
OK. Thank you for helping me understand these changes. I’ll keep trusted auth and homeassistant in my configuration.yaml.
I have a dashboard calling five cameras streams that is now causing an IP ban on the tablet displaying the dashboard after upgrading to 0.89.1 and re-working the trusted networks as per below. Anyone know why?
auth_providers:
- type: homeassistant
- type: trusted_networks
trusted_networks:
- 127.0.0.1
- 10.0.1.0/24
- 10.8.0.0/24
The banned device is on 10.0.1.87 and is trying to access the following:
/api/camera_proxy/camera.camera_proxy_camera_front_porch?token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Please keep trusted networks in both auth provider and http until 0.89.2 released
Who knew. Thank you so much. That worked. 
Just to clarify the docs on this.
Once I update to v89 (I’m on v88 now) then I need to move my “trusted_networks:” entry from under the “http:” section to the “auth_providers:” section under “homeassistant:”?
I now have this:
http:
ip_ban_enabled: True
login_attempts_threshold: 5
trusted_networks:
- 127.0.0.1
- 192.168.1.0/24
- 172.17.0.0/24
and I right now have no “auth_providers:” entry in the “homeassistant:” section.
But after I update to v89.2 I will need this:
homeassistant:
auth_providers:
- type: homeassistant
- type: trusted_networks
trusted_networks:
- 127.0.0.1
- 192.168.1.0/24
- 172.17.0.0/24
http:
ip_ban_enabled: True
login_attempts_threshold: 5That’s exactly what I have right now in 0.89.1… But I’m not using webhooks or anything like that so I am having no problems but you have read the changes correctly so far as I can see.
1 Like
Hello why it doesn’t work if I login from the local network, it tell me that the pc is not in the white list and yet my code is this: it seems ok …
auth_providers:
- type: trusted_networks
trusted_networks:
- 192.168.1.0/24
- 127.0.0.1
- fd00::/8
- ::1
trusted_users:
192.168.1.0/24:
- user_id1
- user_id2
allow_bypass_login: true
- type: homeassistant
see below
can anyone help me?
Only difference in mine is I have type: homeassistant listed above type: trusted_networks and I’m not using allow_bypass.
1 Like
Doesn’t “trusted_users” needs to be a list of IP-Addresses instead of a range?
It can be a subnet as well as individual addresses
1 Like