WTH no access control

I also have adult children that I’d like to give limited access to only certain dashboards and entities.

I want them to be able to see if we are home or not and have a way to get in contact with me in an emergency if I’m not around my phone (I have what I call a “buzz home” system that when they push a button on a dashboard it announces over my smart speakers that someone is trying to contact me or my wife but only if we are home). But they don’t need to access my security cameras or control the lights. Not that they would intentionally but what if their phones are compromised or they accidentally do something.

I used to do this with the (now defunct) Compact Custom Header. It wasn’t perfect but it was better than it is now since I could turn off all the obvious extra access stuff (sidebar, header). But since that’s gone it’s way harder to provide that limited functionality.

4 Likes

I second many of the points in here about why they would want access control.

I’m a little bit surprised that there is such a question about why, but perhaps it ties into how it will be implemented…

A broad why for me is this:

When I invite people into my home, I would like them to be able to enjoy the home as I enjoy it, however there are rooms of my home that are best left alone.

For example, although I would let them into the utility closet, some people don’t have any reason to be in there unsupervised. Mischief or curiosity might get the best of them. This could be harmful to themselves, or someone else in the home, or the home itself.

As it is, without complex external (not core) measures, giving any access to Home Assistant is akin to giving a universal key to every room, fixture, device, etc that I have integrated through Home Assistant.

In short, the reason is because it doesn’t make sense to give a universal key to every person who enters your home, yet you would like to be able to give them access to enjoy your home.

Without this functionality we must resort to highly technical approaches, or just not give friends, family, guests, tenants, etc access to use our Home Assistant. (For what it’s worth, not giving access means there’s less exposure of new people to such an awesome platform).

Asks

  • expose specific dashboards to the network without any login.
  • use groups and or users to restrict access to any and all entity/devices/dashboards.
  • allow a user or group to be assigned a specific dashboard that their login is limited to.
  • allow a user or group to be restricted from certain layers of the dashboard (like browser mod, disallow certain menus, history, more info, etc) which can be used to access areas that should be behind a wall.

A personal note:
My son is 13, and I’m teaching him how to administrate some of our servers and home assistant. I would really like him to be able to have access to almost everything in home assistant, so he can explore and see what it looks like, including setting up his own automations, scripts, etc. There are areas I would rather block off, as the consequences of an errant finger tap are too high.

A final thought:
Something I’ve wrestled with is the benefit of giving access to my kids to home assistant on their phones, yet the risk of allowing this device out into the world that has a conduit back to our home. Although I absolutely am teaching my kids about security, there is an element of risk that they might choose not to follow best practices, or just loan their phone to a friend. Or perhaps somebody looked over their shoulder, got their PIN and took their phone. Now this person has access to my home physically, and remotely. Not good. I think enough is said right there about the value of this.

Thank you for coming to my presentation. :joy::person_facepalming: :call_me_hand:t3:

Please make 2025 the Year of Security. :pray:t3:

6 Likes

I would object to this part only.

Some kind of log in MUST happen even if it’s QR code or some kind of simple numeric or pictograph.

Zero trust. never have - no login. If you’re not logged in your access is None.

(my wall tablets each have their own accounts and auto login)

bad things happen with anonymous access to something that can (potentially) be elevated and we must assume it’s possible.

Everything else. Yep.

3 Likes

To be fair to the HA team that asked why, I don’t think it was because they couldn’t think of any good reasons. I think they were just trying to probe for the underlying reasons so that they could make more educated decisions.

3 Likes

I’m setting up a dashboard for my “not-so-tech-savvy” parents. I’m just trying to make it as plain as possible. I don’t like the idea of my parents losing themselves in more and more submenus.

1 Like

That’s fair that not everyone would have a use for this, but it wouldn’t be a requirement to expose anything. Just an option. In my use case they’ve already authenticated to low level trust by being on our home or even guest network. I’m good with them turning on the lights and music, etc.

If the dash is configured right there should be a very low risk of elevation. As it is I had to jump through extreme hoops to prototype and cobble together something similar over here, and again if it weren’t for WPA2 I wouldn’t like it. That approach isn’t scalable to more than a few basic interactions due to the legwork involved.

I’m sure you’re right. I could’ve/should’ve would’ve skipped that comment. :slightly_smiling_face: Thank you Home Assistant team!

I share a house with two other, non-technical people. +1 on being a control freak, security minded IT professional who prefers to follow standard security practices for most of the reasons previously mentioned.

@MissyQ and @anakinsbrn:

  • One of my housemates has a girlfriend I would like to give access to on her mobile device. However, neither he nor she should have location access to the other’s device history! That could cause relationship problems and could possibly become a legal issue (stalking/tracking another person) one day! She should also be limited to controlling devices in his part of the house plus the common areas like kitchen, living room, etc, door locks, and garage door. We already have the option for access only when on local LAN which is a great start for this case scenario.
  • Owning a house in NYC also means we have a lot of out of town company. I give them mobile devices (old cell phones and tablets with the companion app logged into a guest account) to use while staying with us. They needed restricted access to the devices and options available in the bedrooms they are sleeping in plus the common areas only. A guest dashboard with no menus.
  • In addition, I would like to add a wall tablet on the deck for light and media center control. That means it would be outside and I certainly do not want easy access to all of Home Assistant accessible to a would be burglar.

So, for many of the reasons previously mentioned plus possible legal issues and possible home security issues, I feel the current way the frontend is exposed poses production ready application roadblocks. It is, however, fantastic for the individual who sets up and maintains the system.

This is an amazing project with a fabulous community behind it and I use Home Assistant in production within our three-homeowner group but am not comfortable at all sharing with others to whom we give keys to the house.

I also am in the camp of zero trust, no access until specifically granted, Linux style security.

7 Likes

We are working on an open source/hardware physical access control system using secure NFC (desfire etc.) and a controller using ESP32 (Olimex: ESP32-POE2 + MOD-IO boards). Most likely we will integrate with HA, though it will be independent for stability. RBAC would be nice in HA. Maybe via an integration with an existing identity provider platform such as Authentik or Zitadel.

I am new to HA, was using a proprietary KNX integration to control (and give my family and guests control of) everything in my house - with layered security.
In my home, this controls everything from lights and outlets to heating, car charging, and the security alarm device, not to mention the Omada network controller.
I want to move away from the proprietary system because it is an expensive, outdated, closed-shop solution requiring old energy intensive hardware, and found HA which seemed to be the perfect replacement with integrations for basically everything.

I was puzzled to learn that HA has only minimal means of securing access beyond admin and regular users. While I found some workable but tiresome solutions by reading this thread alone, I am wondering why the middleware was designed without a security concept in mind.

Absolutely supporting the idea of making 2025 the year of security for HA!

5 Likes

Yesterday 4 lads, my son and his friends in their early 20s were drinking in my house till 7 o’clock in the morning. 3 of the 4 are computer science university students. The evening news could begin like this: 3 totally drunk CS students stood in front of a HA wall panel, when they decided to …

7 Likes

If per-entity access control is implemented, you do not need to hide those sidebar items. As people will be able to open them, but nothing will show up unless they have permission to see the status of specific devices.

One of the key pain points that people have is that home assistant provides a lot of data to people that simply should not have them.

Sometimes it is useful to give access to people to certain actions on and to view the status of certain devices. But the same people shouldn’t have access to, for example, location whereabouts of other people in the household or detailed timelines of devices they don’t need to control.

Fine grained (per entity view / operate — read/write) permissions accomplish that easily. If a user can’t view an entity, it, its attributes, and its history, is for all intents and purposes invisible. Instant privacy controls.

HA’s core values include privacy.

2 Likes

I would argue that you should be able to restrict your child from having any access to those light bulbs so that he cannot tamper with them. He can get access granted to the Christmas lights, but not to the Inovelli ones.

If the problem is that you have a control surface at home that anyone can touch, then in principle, that control surface should only be granted access to the devices that people with physical access to the control surface should be able to change.

Hi there Missy. I love it when you appear on stream.

Isn’t access control a matter of adding a layer that checks for permission to run actions involving entities in between the user interface and the actual code of the integrations that executes actions? If the action takes an entity, then that entity should be evaluated at that point or that layer. There is more sophisticated processing needed in the case of devices as well. But if the device referenced by the action implies an entity will be managed, then the permission for the entity should count.

As for the view or read side of things, there should be a layer in the web socket communication that sends status updates and renders Jinja templates (that is, the code powering the hass object in the frontend) that filters out entities a user shouldn’t be able to see, coupled with the same filter at the history / logbook entry points.

One thing that I’m thinking of people would find extremely useful is if I make a dashboard, I should be able to, for example, in the case of a tile in a section, go to the condition step and hide a section or a tile if the entity it’s referencing is forbidden for the user. This could mean that there is a check that doesn’t exist yet that verifies that the entity is visible from the standpoint of the user based on the permissions that the administrator has delegated on the entity and user.

This would make for very adaptive dashboards that hide entire sections if a user has not been granted permission to a specific entity. Or putting it into other words, if the home assistant frontend cannot see that an entity exists because the backend has filtered it before sending any data to the frontend.

1 Like
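The permission layer sketched in the two posts above (per-entity read/write permissions that make unreadable entities, their attributes and their history invisible, plus a check on action targets that sits between the UI and the integration and expands devices to their entities) in working form. This is an added example, not code from this thread or from Home Assistant itself; the `Policy` format, the glob-style entity patterns, the function names and the sample states, devices and history rows are all constructed for illustration.

```python
"""Per-entity read/write permission layer (illustrative; not Home Assistant code).

Assumptions: a policy of group -> {entity-id glob -> Perm}, users mapped to
groups, and a flat device -> [entity_id] registry. Anything not matched by a
rule is denied.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Flag, auto
from fnmatch import fnmatchcase
from typing import Any


class Perm(Flag):
    NONE = 0
    READ = auto()   # state, attributes and history/logbook rows are visible
    WRITE = auto()  # actions (service calls) may target the entity


@dataclass
class Policy:
    groups: dict[str, dict[str, Perm]]      # group -> {glob -> Perm}
    members: dict[str, set[str]]            # user -> groups
    admins: set[str] = field(default_factory=set)

    def perms(self, user: str, entity_id: str) -> Perm:
        """Union of every matching rule in the user's groups; default deny."""
        if user in self.admins:
            return Perm.READ | Perm.WRITE
        granted = Perm.NONE
        for group in self.members.get(user, ()):
            for pattern, perm in self.groups.get(group, {}).items():
                if fnmatchcase(entity_id, pattern):
                    granted |= perm
        return granted

    def can_read(self, user: str, entity_id: str) -> bool:
        return bool(self.perms(user, entity_id) & Perm.READ)

    def can_write(self, user: str, entity_id: str) -> bool:
        return bool(self.perms(user, entity_id) & Perm.WRITE)


def filter_states(policy: Policy, user: str,
                  states: dict[str, dict[str, Any]]) -> dict[str, dict[str, Any]]:
    """What a state-push layer (get_states / subscribe) would send to `user`.

    Unreadable entities are dropped; a list-valued `entity_id` attribute (a
    group's member list) is pruned so it cannot leak hidden entity ids.
    """
    visible: dict[str, dict[str, Any]] = {}
    for eid, st in states.items():
        if not policy.can_read(user, eid):
            continue
        attrs = dict(st.get("attributes", {}))          # copy: never mutate the source table
        if isinstance(attrs.get("entity_id"), list):
            attrs["entity_id"] = [m for m in attrs["entity_id"] if policy.can_read(user, m)]
        visible[eid] = {**st, "attributes": attrs}
    return visible


def filter_history(policy: Policy, user: str,
                   rows: list[tuple[str, int, str]]) -> list[tuple[str, int, str]]:
    """Same read check at the history/logbook entry points; rows are (entity_id, ts, state)."""
    return [row for row in rows if policy.can_read(user, row[0])]


def _as_list(value: Any) -> list[str]:
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def authorize_action(policy: Policy, user: str, target: dict[str, Any],
                     device_entities: dict[str, list[str]]) -> tuple[bool, str]:
    """Gate a service call's target before it reaches the integration.

    Device targets expand to their entities and every one needs WRITE. An
    empty or unresolvable target is denied, never allowed (fail closed).
    """
    entities = _as_list(target.get("entity_id"))
    for dev in _as_list(target.get("device_id")):
        if dev not in device_entities:
            return False, f"unknown device {dev}"
        entities.extend(device_entities[dev])
    if not entities:
        return False, "no resolvable target"
    denied = [e for e in entities if not policy.can_write(user, e)]
    if denied:
        return False, "no write permission on " + ", ".join(denied)
    return True, "ok"


# --- constructed sample data (not from any real installation) ----------------
POLICY = Policy(
    groups={
        "guests": {"light.living_room": Perm.READ | Perm.WRITE,
                   "media_player.*": Perm.READ | Perm.WRITE,
                   "group.all_lights": Perm.READ},
        "kids": {"light.*": Perm.READ | Perm.WRITE,
                 "cover.garage_door": Perm.READ},     # may look, may not open
    },
    members={"guest1": {"guests"}, "kid": {"kids"}},
    admins={"dad"},
)
STATES = {
    "light.living_room": {"state": "on", "attributes": {"brightness": 120}},
    "light.office": {"state": "off", "attributes": {}},
    "camera.front_door": {"state": "recording", "attributes": {}},
    "device_tracker.mom": {"state": "home", "attributes": {"latitude": 40.7}},
    "cover.garage_door": {"state": "closed", "attributes": {}},
    "group.all_lights": {"state": "on",
                         "attributes": {"entity_id": ["light.living_room", "light.office"]}},
}
DEVICES = {"dev-garage": ["cover.garage_door", "sensor.garage_door_battery"]}
HISTORY = [("device_tracker.mom", 1, "not_home"), ("device_tracker.mom", 2, "home"),
           ("light.living_room", 3, "on")]

if __name__ == "__main__":
    print(sorted(filter_states(POLICY, "guest1", STATES)))
    print(authorize_action(POLICY, "kid", {"device_id": ["dev-garage"]}, DEVICES))
```

Two design choices a practitioner would insist on: the action check fails closed (an entity or device that matches no rule, an unknown device, or an empty target is denied), and attributes that embed other entity ids, such as a group's member list, are pruned, because the state table can otherwise leak the ids of entities the user is not allowed to see. Area targets would expand the same way devices do.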

You can not examine all the use cases people have in their minds. Some may control their fish tank with it, their woodworking shop full of machinery or a small hotel. HA became a general purpose automation tool and may also contain a ton of sensitive data. It should offer the highest grade security possible. As should any software by the way. This is trivial.

But if you need more examples:

Lots of us are controlling high power equipment or moving objects like gates and garage doors. Those can kill someone or burn down the whole neighborhood. Security in such applications must be implemented in all layers from a photocell at the gate and torque sensing in its motor driving electronics up to Home Assistant. A kid opens and closes the gate just for fun because he has access to all the entities in HA? Not in my house.

So my answer to your “Why is that important to you?” question is: I like to sleep well.

6 Likes

That reminds me, I’ve seen a few different people post about using HA for exactly that. Clearly limiting people to their room is a Good Thing :tm:

3 Likes

As someone being involved with home automation since 1980 (yes, you read that right) and have used several home automation platforms throughout the years, I too am shocked that there is no RBAC in a product as sophisticated as HASS. I’m currently using HomeSeer and trying to migrate to HASS, but the lack of access control is troubling and an actual risk to privacy and safety. I won’t state individual use cases because others here have already stated exact scenarios where privacy or safety are jeopardized due to anyone having complete access to the system via the app or a web browser.

I’m also thinking of going back to being a home automation integrator/consultant once I retire from my corporate job and I would love to be able to recommend HASS to non-technical people. But without the ability to prevent casual users from messing up their systems, there’s no way I can responsibly recommend using HASS.

Another vote for making 2025 The Year of Security.

12 Likes

Hear me out here, since everyone is talking about guest access:

QR code onboarding?

Scan a QR to login as guest/user, and each code can have a set expiry limit.

I like to expose some very specific entities (like solar production, hot water and heating temperatures, garden lights) to my granny flat within our house. Currently this is not possible because of the missing implementation of RBAC. Working around with a second HA instance and pushing values over MQTT, which is very complex to manage…

IMHO this topic can no longer be ignored by the core team. The votes speak for themselves. Looking forward to a secure 2025.

1 Like
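The expiring QR onboarding suggested a few posts up, as an added example (not code from this thread or from Home Assistant): a key held only on the server signs a short claim set naming the user, the dashboard the login is pinned to and an expiry, and the verifier rejects tampered, expired and replayed codes. The claim names, the `mint_invite`/`InviteVerifier` names and the fixed clock are assumptions made for the example.

```python
"""Expiring, single-use invite codes for QR onboarding (illustrative; not
Home Assistant code). The QR payload is a bearer secret: whoever scans it
gets the session, so it is short-lived, signed, and redeemable once."""
from __future__ import annotations

import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Any


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _tag(key: bytes, body: str) -> str:
    return _b64(hmac.new(key, body.encode("ascii"), hashlib.sha256).digest())


def mint_invite(key: bytes, user: str, dashboard: str, ttl_seconds: int,
                now: float | None = None) -> str:
    """Return the string to encode in the QR code. `key` never leaves the server."""
    now = time.time() if now is None else now
    claims = {"u": user, "d": dashboard, "exp": int(now) + ttl_seconds,
              "n": secrets.token_hex(8)}          # nonce makes each code single-use
    body = _b64(json.dumps(claims, separators=(",", ":"), sort_keys=True).encode())
    return f"{body}.{_tag(key, body)}"


class InviteVerifier:
    """Redeems invite codes: signature first, then expiry, then replay check."""

    def __init__(self, key: bytes) -> None:
        self._key = key
        self._redeemed: set[str] = set()   # persist this in a real deployment

    def redeem(self, token: str, now: float | None = None) -> tuple[dict[str, Any] | None, str]:
        now = time.time() if now is None else now
        body, sep, tag = token.partition(".")
        if not sep or not body or not tag or not token.isascii():
            return None, "malformed"
        # constant-time compare; nothing is parsed before the signature checks out
        if not hmac.compare_digest(_tag(self._key, body), tag):
            return None, "bad signature"
        try:
            claims = json.loads(_unb64(body))
        except ValueError:
            return None, "malformed"
        if now >= claims["exp"]:
            return None, "expired"
        if claims["n"] in self._redeemed:
            return None, "already redeemed"
        self._redeemed.add(claims["n"])
        return claims, "ok"


# --- demo with a fixed clock (constructed, not a real deployment) ------------
KEY = secrets.token_bytes(32)    # generated at startup for this example only
T0 = 1_700_000_000


def demo() -> list[str]:
    verifier = InviteVerifier(KEY)
    code = mint_invite(KEY, "guest-room-2", "guest-dashboard", 600, now=T0)
    tampered = code[:-1] + ("A" if code[-1] != "A" else "B")
    return [
        verifier.redeem(code, now=T0 + 60)[1],                                    # ok
        verifier.redeem(code, now=T0 + 61)[1],                                    # already redeemed
        verifier.redeem(mint_invite(KEY, "x", "y", 600, now=T0), now=T0 + 601)[1],  # expired
        verifier.redeem(tampered, now=T0 + 60)[1],                                # bad signature
        verifier.redeem("not-a-token", now=T0)[1],                                # malformed
    ]


if __name__ == "__main__":
    print(demo())
```

The invite only establishes which account the scanned session belongs to; what that account may see or control still has to come from a permission policy, and the dashboard pin in the claims is a UI restriction, not an authorization boundary. Print the code as a QR with whatever library is to hand; the string itself is all that needs to travel.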